Cross-Crypto: >> Cross-Implementation Security Vulnerabilities
CROSS implementation contains reference and optimized implementations of the CROSS post-quantum signature algorithm. Prior to commit fc6b7e7, there is a buffer overflow in crypto_sign_open() caused by an underflow of the integer mlen. This issue has been patched via commit fc6b7e7.
CVSS Score
6.9
EPSS Score
0.001
Published
2026-05-08