Description
SP1 is a zero‑knowledge virtual machine that proves the correct execution of programs compiled for the RISC-V architecture. In versions 6.0.0 through 6.0.2, a soundness vulnerability in the SP1 V6 recursive shard verifier allows a malicious prover to construct a recursive proof from a shard proof that the native verifier would reject. Version 6.1.0 fixes the issue.
Published: 2026-04-17
Score: 8.9 High
EPSS: < 1% Very Low
KEV: No
Impact: Logical Bypass via Soundness Violation
Action: Immediate Patch
AI Analysis

Impact

The flaw is a soundness vulnerability in the SP1 V6 recursive shard verifier that permits a malicious prover to construct a recursive proof from a shard proof that the native verifier would normally reject. Because the verifier accepts these forged proofs, an attacker can convince downstream systems that a desired state or computation has been correctly executed, leading to a potential data integrity breach or unauthorized access to protected resources. The weakness is categorized as CWE-345 (Wrong Order of Operations) and CWE-354 (Missing Invariant in a Recursive Algorithm).

Affected Systems

The affected product is the SP1 virtual machine from succinctlabs. Versions 6.0.0 through 6.0.2 contain the flaw, while version 6.1.0 contains the fix. No other vendors or products are listed as impacted.

Risk and Exploitability

The CVSS score of 8.9 indicates a high severity; the EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is a malicious prover who can send crafted proofs to the SP1 verifier, which may occur in environments that accept third‑party proof submissions, such as zk‑based consensus systems or trusted execution contexts. Exploitation requires the ability to supply proof files to the verifier; once the forged proof is accepted, the attacker may compromise the integrity of the system relying on the verifier's output.

Generated by OpenCVE AI on April 18, 2026 at 08:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to SP1 version 6.1.0 or later where the recursive shard verifier is corrected
  • Limit the use of the recursive shard verifier to trusted, whitelisted issuers until a patch is applied
  • Enable detailed audit logging of proof verification events and alert on anomalous acceptance patterns



Advisories
| Source | ID | Title |
|---|---|---|
| Github GHSA | GHSA-63x8-x938-vx33 | SP1 V6 Recursion Circuit Row-Count Binding Gap |

History

Fri, 17 Apr 2026 23:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | SP1 is a zero‑knowledge virtual machine that proves the correct execution of programs compiled for the RISC-V architecture. In versions 6.0.0 through 6.0.2, a soundness vulnerability in the SP1 V6 recursive shard verifier allows a malicious prover to construct a recursive proof from a shard proof that the native verifier would reject. Version 6.1.0 fixes the issue. |
| Title | | SP1 V6 Recursion Circuit Row-Count Binding Gap |
| Weaknesses | | CWE-345, CWE-354 |
| References | | |
| Metrics | | cvssV4_0: {'score': 8.9, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N'} |



MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-17T22:58:42.580Z

Reserved: 2026-04-10T21:41:54.505Z

Link: CVE-2026-40323

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-04-18T00:16:36.767

Modified: 2026-04-18T00:16:36.767

Link: CVE-2026-40323

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T09:00:05Z

Weaknesses