CVE-2026-46654 PUBLISHED

Plonky3 MultiField32Challenger: transcript malleability and challenge entropy loss

Assigner: GitHub_M
Reserved: 15.05.2026 Published: 10.06.2026 Updated: 11.06.2026

Plonky3 is a toolkit for polynomial IOPs (PIOPs). Prior to versions 0.4.3 and 0.5.3, an attacker controlling prover-side observations can craft distinct transcripts that produce identical challenges, breaking the binding property of Fiat-Shamir. This issue has been patched in versions 0.4.3 and 0.5.3.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N
CVSS Score: 8.9

Product Status

Vendor Plonky3
Product Plonky3
Versions
  • Version < 0.4.3 is affected
  • Version >= 0.5.0, < 0.5.3 is affected

References

Problem Types

  • CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation CWE
  • CWE-345: Insufficient Verification of Data Authenticity CWE