CVE-2026-44368
PyQuorum: Timing side‑channel in mul_mod
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
PyQuorum is a cryptographic library for secret sharing and key management. Prior to 0.2.1, the mul_mod function implements multiplication via a binary expansion loop whose execution time depends on the Hamming weight of the second operand (the exponent). An attacker who can measure the time of secret‑sharing operations (e.g., via a remote service) could progressively recover the values of shares, ultimately leading to secret reconstruction. This vulnerability is fixed in 0.2.1.
| CWE | CWE-208 |
| Vendor | svvqt |
| Product | pyquorum |
| Published | May 13, 2026 |
Stay Ahead of the Next One
Get instant alerts for svvqt pyquorum
Be the first to know when new unknown vulnerabilities affecting svvqt pyquorum are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
svvqt / pyquorum
< 0.2.1