CVE-2026-4603 Overview
CVE-2026-4603 is a division by zero vulnerability affecting the jsrsasign JavaScript library versions prior to 11.1.1. The flaw exists in the RSA public key parsing and BigInteger reduction logic within ext/rsa.js and ext/jsbn.js. An attacker can exploit this vulnerability by supplying a maliciously crafted JSON Web Key (JWK) with a modulus that decodes to zero, causing RSA operations such as signature verification and encryption to collapse to deterministic zero outputs while suppressing "invalid key" error messages.
Critical Impact
Attackers can bypass cryptographic signature verification and encryption safeguards by forcing RSA operations to produce deterministic zero outputs, potentially enabling authentication bypass or data integrity attacks in applications relying on jsrsasign for cryptographic operations.
Affected Products
- jsrsasign_project jsrsasign versions before 11.1.1
- Node.js applications using vulnerable jsrsasign package
- Web applications implementing JWK-based RSA cryptographic operations with jsrsasign
Discovery Timeline
- 2026-03-23 - CVE CVE-2026-4603 published to NVD
- 2026-03-23 - Last updated in NVD database
Technical Details for CVE-2026-4603
Vulnerability Analysis
This division by zero vulnerability (CWE-369) stems from insufficient validation of RSA public key parameters during the key parsing and cryptographic operation phases. When processing a JSON Web Key, the library fails to verify that the modulus value is a valid, non-zero integer before performing modular arithmetic operations. This oversight allows an attacker to craft a JWK with a zero-valued modulus, which propagates through the RSA computation pipeline.
The impact is particularly concerning because the vulnerability causes RSA operations to fail silently or produce deterministic outputs rather than throwing appropriate cryptographic errors. Applications relying on jsrsasign for JWT signature verification, encrypted data validation, or other RSA-based security controls may inadvertently accept forged or manipulated cryptographic tokens.
Root Cause
The root cause lies in two components of the jsrsasign library. First, the RSASetPublic/KEYUTIL parsing path in ext/rsa.js does not validate that the RSA modulus (n) is greater than one and that the public exponent (e) is a valid positive integer. Second, the BigInteger.modPowInt reduction logic in ext/jsbn.js does not properly handle division operations when the divisor equals zero, instead silently returning rather than throwing an exception.
Attack Vector
The vulnerability requires local access and can be exploited without authentication or user interaction. An attacker provides a malformed JWK to an application that processes RSA keys using jsrsasign. The malicious JWK contains a modulus value that decodes to zero. When the application performs RSA operations with this key, the division by zero causes cryptographic computations to collapse, potentially allowing the attacker to bypass signature verification or cause other security failures.
// Security patch in ext/jsbn.js - Division by zero protection
// Source: https://github.com/kjur/jsrsasign/commit/dc41d49fac4297e7a737a3ef8ebd0aa9c49ef93f
// r != q, this != m. q or r may be null.
function bnpDivRemTo(m,q,r) {
var pm = m.abs();
- if(pm.t <= 0) return;
+ if(pm.t <= 0) throw "BigInteger divide by zero";
var pt = this.abs();
if(pt.t < pm.t) {
if(q != null) q.fromInt(0);
// Security patch in ext/rsa.js - RSA public key validation
// Source: https://github.com/kjur/jsrsasign/commit/dc41d49fac4297e7a737a3ef8ebd0aa9c49ef93f
} else {
throw "Invalid RSA public key";
}
+
+ if (this.n == null ||
+ typeof this.n.compareTo !== "function" ||
+ this.n.compareTo(BigInteger.ONE) <= 0 ||
+ this.e == null ||
+ isNaN(this.e) ||
+ this.e <= 0) {
+ throw "Invalid RSA public key";
+ }
}
// Perform raw public operation on "x": return x^e (mod n)
Detection Methods for CVE-2026-4603
Indicators of Compromise
- RSA signature verification operations returning unexpected success for obviously invalid signatures
- Cryptographic operations completing without errors when using malformed JWK inputs
- Application logs showing silent failures or unexpected behavior in JWT validation workflows
- Network traffic containing JWK payloads with abnormally small or zero-valued modulus fields
Detection Strategies
- Audit application dependencies to identify jsrsasign versions below 11.1.1
- Implement input validation logging to detect JWK submissions with suspicious modulus values
- Monitor for security exceptions related to RSA key validation that may indicate exploitation attempts
- Use software composition analysis (SCA) tools to flag vulnerable jsrsasign package versions
Monitoring Recommendations
- Deploy runtime application self-protection (RASP) to detect anomalous cryptographic operation patterns
- Implement centralized logging for all JWT and JWK processing events with key parameter validation
- Configure alerting for authentication or signature verification anomalies in applications using jsrsasign
- Establish baseline metrics for cryptographic operation success/failure rates to detect deviation
How to Mitigate CVE-2026-4603
Immediate Actions Required
- Upgrade jsrsasign to version 11.1.1 or later immediately
- Audit all applications in your environment that depend on jsrsasign for cryptographic operations
- Review authentication and signature verification logs for signs of potential exploitation
- Consider implementing additional server-side validation of JWK parameters as defense-in-depth
Patch Information
The vulnerability has been addressed in jsrsasign version 11.1.1. The fix adds explicit validation in the RSA key parsing logic to ensure the modulus is greater than one and the exponent is a valid positive integer. Additionally, the BigInteger division function now throws an explicit exception when encountering a zero divisor rather than silently returning.
The security patch is available via the GitHub Commit. Additional technical details can be found in the GitHub Pull Request Discussion and the Snyk Vulnerability Report.
Workarounds
- Implement pre-validation of JWK parameters before passing them to jsrsasign RSA operations
- Add application-level checks to verify RSA modulus values are valid non-zero integers exceeding BigInteger.ONE
- Consider temporarily switching to an alternative JWT/JWK library if immediate patching is not feasible
- Deploy web application firewall (WAF) rules to filter JWK payloads with suspicious modulus values
# Configuration example - Update jsrsasign package
npm update jsrsasign@11.1.1
# Verify installed version
npm list jsrsasign
# For yarn users
yarn upgrade jsrsasign@11.1.1
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
