Critical flaw in OpenPGP.js raises alarms for encrypted email services

A newly discovered flaw in OpenPGP.js, a JavaScript cryptography library used by services like Proton Mail, could allow attackers to spoof messages that appear securely signed and encrypted, security researchers said.

The flaw, identified as CVE-2025-47934 and assigned a critical severity rating, was discovered by Edoardo Geraci and Thomas Rinsma of Codean Labs. It stems from how the library’s openpgp.verify and openpgp.decrypt functions process certain messages.

According to an advisory posted on GitHub, a specially crafted message could trick the system into confirming a valid signature, even when the message has not been properly signed.

The issue raises concerns about the trustworthiness of encrypted communications relying on the library.

“In order to spoof a message, the attacker needs a single valid message signature (inline or detached) as well as the plaintext data that was legitimately signed and can then construct an inline-signed message or signed-and-encrypted message with any data of the attacker’s choice, which will appear as legitimately signed by affected versions of OpenPGP.js,” the advisory noted.

The flaw would allow attackers to alter the content of inline-signed messages while still producing a result that indicates the signature is valid.

In cases involving both signed and encrypted messages, an attacker with access to a legitimate signature could encrypt a different message of their choosing and have it appear authenticated.

The affected versions are 5.0.1 to 5.11.2 and 6.0.0-alpha.0 to 6.1.0. The issue has been patched in versions 5.11.3 and 6.1.1. OpenPGP.js v4 is not affected.

Impact of the flaw

The vulnerability could pose a significant risk, particularly to services like Proton Mail that depend on OpenPGP.js for client-side encryption. It specifically affects the way digital signatures are verified in some cases, such as with inline-signed messages.

“An attacker who has access to both a signed message and its plaintext could craft a completely different message that still appears to be validly signed,” said Sakshi Grover, senior research manager for IDC Asia Pacific Cybersecurity Services. “This compromises a fundamental promise of encrypted email, i.e., that a valid signature confirms the message hasn’t been altered.”

Grover noted that the extent of the risk to Proton Mail users depends on how often the affected signature formats are used.

While the flaw may have limited impact on day-to-day communications, it could pose a greater threat in high-risk situations or in environments where older or less secure formats are still in use.

Proton Mail did not respond to a request for comment.

Trusting open code

The incident also underscores a familiar trade-off. Open-source libraries such as OpenPGP.js are widely used because they offer transparency, broad adoption, and the advantages of community input and peer review.

But trusting open-source libraries also means inheriting any flaws they might have, including subtle ones that can go unnoticed for years.

“This vulnerability shows that even well-established crypto libraries can contain dangerous bugs, especially in edge cases,” Grover said. “The risk is even greater when you consider supply chain threats where there have been increasing concerns about malicious actors, including state-sponsored groups, attempting to inject or maintain backdoors in widely used libraries.”

Privacy-focused services should not rely solely on open-source tools, but also invest in regular code audits, threat modelling, and thorough testing against both common and advanced attack techniques, Grover said.
