Security researchers are sounding the alarm over a fresh flaw in the JavaScript implementation of OpenPGP (OpenPGP.js) that allows signature checks on both signed and signed-and-encrypted messages to be spoofed.
Discovered by Codean Labs’ Edoardo Geraci and Thomas Rinsma, the vulnerability essentially undermines the core purpose of using public key cryptography to secure communications.
Tracked as CVE-2025-47934 (CVSS 8.7, high), the vulnerability stems from the openpgp.verify and openpgp.decrypt functions. The advisory posted to the library's GitHub repo states that a maliciously modified message can be passed to either of these functions and the call will return a result indicating a valid signature even though the message content was not actually signed.

The researchers said a full write-up of the vulnerability, complete with a proof-of-concept (PoC) exploit, is "coming soon." It's common practice to delay publishing a PoC to give users time to patch affected products.
The affected versions are 5.0.1 to 5.11.2 and 6.0.0-alpha.0 to 6.1.0. Users are advised to upgrade to either 5.11.3 or 6.1.1 as soon as possible to fix the problem. Versions 4.x aren’t affected.
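As an added example (not code from The Register article or from the OpenPGP.js project), the following Node.js script flags every copy of `openpgp` in an npm lockfile whose version falls inside the affected ranges quoted above. The lockfile contents embedded in the script are constructed sample input and the function names are this example's own. The version comparison implements semver prerelease ordering itself, so that `6.0.0-alpha.0` and `6.0.0` are both caught while `5.11.3` and `6.1.1` are not.

```javascript
// Added example: scan an npm lockfile for openpgp versions inside the
// ranges the CVE-2025-47934 advisory lists as affected.
// SAMPLE_LOCKFILE below is constructed sample input, not a real project.

const AFFECTED_RANGES = [
  ["5.0.1", "5.11.2"],          // fixed in 5.11.3
  ["6.0.0-alpha.0", "6.1.0"],   // fixed in 6.1.1
];

// Parse "MAJOR.MINOR.PATCH[-prerelease][+build]" (leading "v" tolerated).
function parseSemver(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/.exec(v.trim());
  if (!m) throw new Error(`not a semver string: ${v}`);
  return {
    core: [Number(m[1]), Number(m[2]), Number(m[3])],
    pre: m[4] ? m[4].split(".") : [],
  };
}

// Prerelease identifier ordering per semver: numeric identifiers compare
// numerically and sort before alphanumeric ones, which compare lexically.
function compareIdentifiers(a, b) {
  const an = /^\d+$/.test(a), bn = /^\d+$/.test(b);
  if (an && bn) return Math.sign(Number(a) - Number(b));
  if (an) return -1;
  if (bn) return 1;
  return a < b ? -1 : a > b ? 1 : 0;
}

// Returns -1, 0 or 1 like a comparator.
function compareSemver(x, y) {
  const a = parseSemver(x), b = parseSemver(y);
  for (let i = 0; i < 3; i++) {
    if (a.core[i] !== b.core[i]) return a.core[i] < b.core[i] ? -1 : 1;
  }
  if (a.pre.length === 0 && b.pre.length === 0) return 0;
  if (a.pre.length === 0) return 1;   // a release outranks its own prereleases
  if (b.pre.length === 0) return -1;
  const n = Math.min(a.pre.length, b.pre.length);
  for (let i = 0; i < n; i++) {
    const c = compareIdentifiers(a.pre[i], b.pre[i]);
    if (c !== 0) return c;
  }
  return Math.sign(a.pre.length - b.pre.length);
}

function isAffectedOpenPGPVersion(version) {
  return AFFECTED_RANGES.some(([lo, hi]) =>
    compareSemver(version, lo) >= 0 && compareSemver(version, hi) <= 0);
}

// Walk the "packages" map of a lockfileVersion 2/3 package-lock.json and
// report every installed openpgp, including nested copies pulled in
// transitively under another package's node_modules.
function findAffectedOpenPGP(lockfileJson) {
  const lock = JSON.parse(lockfileJson);
  const hits = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "node_modules/openpgp" || path.endsWith("/node_modules/openpgp")) {
      hits.push({
        path,
        version: entry.version,
        affected: isAffectedOpenPGPVersion(entry.version),
      });
    }
  }
  return hits;
}

// Constructed sample: one top-level vulnerable copy, one nested patched copy.
const SAMPLE_LOCKFILE = JSON.stringify({
  name: "mail-client",
  lockfileVersion: 3,
  packages: {
    "": { name: "mail-client", version: "1.0.0" },
    "node_modules/openpgp": { version: "5.11.2" },
    "node_modules/some-wrapper": { version: "2.0.0" },
    "node_modules/some-wrapper/node_modules/openpgp": { version: "6.1.1" },
  },
});

for (const hit of findAffectedOpenPGP(SAMPLE_LOCKFILE)) {
  console.log(`${hit.path}@${hit.version}: ${hit.affected ? "AFFECTED, upgrade" : "ok"}`);
}

module.exports = { parseSemver, compareSemver, isAffectedOpenPGPVersion, findAffectedOpenPGP };
```

To run it against a real project, replace SAMPLE_LOCKFILE with the contents of its package-lock.json. A copy of OpenPGP.js that is vendored into a web app as a built dist file will not appear in any lockfile, so those deployments still need a manual check of the bundled version string.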
There is no PoC just yet, but the advisory offers up some details about how the attack, which affects both signed (inline) messages and signed-and-encrypted messages, could play out.
[…]
The most notable user of OpenPGP.js is the encrypted email provider Proton Mail. The Proton team maintains the library and uses it to provide end-to-end encryption for its users.
As of 2023, Proton Mail had more than 100 million accounts registered. It’s not known how many of these accounts are active, but the figure offers some sense of how many people rely on OpenPGP every day.
Various other email services support the OpenPGP standard either natively or with a little extra software tacked on.
Microsoft Outlook supports it, for example, provided users install an add-in such as gpg4o or the GpgOL add-in that ships with Gpg4win, although Outlook has its own encryption capabilities via S/MIME or Microsoft Purview Message Encryption. Those add-ins are built on GnuPG rather than OpenPGP.js, so they are not affected by this particular bug.
Many other clients, most of them open source and somewhat niche, support the standard straight out of the box.
Source: OpenPGP.js bug enables encrypted message spoofing • The Register

Robin Edgar
Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft