Description
OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a proper subfield of Fp12. This allows incorrect results to the pairing check. This issue has been patched in version 1.6.0.
Published: 2026-06-10
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The openvm-pairing library’s try_honest_pairing_check calls a theorem that verifies pairings but fails to ensure that the scaling factor s is in the appropriate subfield of Fp12. Because this subfield check is omitted, the function can return a true result for pairings that are mathematically invalid. An attacker who can influence the input to this function would therefore be able to forge valid pairings, compromising any cryptographic protocol that relies on OpenVM's pairing verification. This vulnerability is a classic example of CWE‑20, input validation failure.

Affected Systems

The problem exists in all releases of openvm-org/openvm that precede v1.6.0. All users who depend on the openvm-pairing guest library before the 1.6.0 release are affected.

Risk and Exploitability

The assigned CVSS score of 8.7 indicates a high severity. The EPSS score of 0.00085 indicates a very low exploitation probability, and the vulnerability is not listed in the CISA KEV catalog, suggesting a lower likelihood of widespread exploitation at present. Nevertheless, the attack vector is inferred to be local or remote input that reaches the try_honest_pairing_check routine, allowing an adversary to supply crafted scaling factors and bypass pairing validation.

Generated by OpenCVE AI on June 12, 2026 at 20:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade openvm to version 1.6.0 or later, which includes a fixed subfield check.
  • If immediate upgrade is not possible, enforce an additional runtime validation that the scaling factor s belongs to the proper subfield of Fp12 before calling the pairing check, effectively restoring the missing guard.
  • Continuously monitor the integrity of pairing operations and audit for anomalous successful pairings that could indicate exploitation attempts.

Generated by OpenCVE AI on June 12, 2026 at 20:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 12 Jun 2026 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Openvm
Openvm openvm
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:openvm:openvm:*:*:*:*:*:*:*:*
Vendors & Products Openvm
Openvm openvm
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}


Thu, 11 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 11 Jun 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Openvm-org
Openvm-org openvm
Vendors & Products Openvm-org
Openvm-org openvm

Wed, 10 Jun 2026 21:00:00 +0000

Type Values Removed Values Added
Description OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a proper subfield of Fp12. This allows incorrect results to the pairing check. This issue has been patched in version 1.6.0.
Title `openvm-pairing` pairing check missing proper subfield check on scaling factor
Weaknesses CWE-20
References
Metrics cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-11T14:10:23.903Z

Reserved: 2026-05-15T21:46:51.546Z

Link: CVE-2026-46669

cve-icon Vulnrichment

Updated: 2026-06-11T14:10:05.232Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-10T22:17:00.033

Modified: 2026-06-12T19:38:23.260

Link: CVE-2026-46669

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-12T21:00:20Z

Weaknesses