{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-26014", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-09T21:36:29.554Z", "datePublished": "2026-02-11T21:07:50.187Z", "dateUpdated": "2026-02-13T14:18:02.707Z"}, "containers": {"cna": {"title": "Pion DTLS uses random nonce generation with AES GCM ciphers risks leaking the authentication key", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/pion/dtls/security/advisories/GHSA-9f3f-wv7r-qc8r", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/pion/dtls/security/advisories/GHSA-9f3f-wv7r-qc8r"}, {"name": "https://github.com/pion/dtls/pull/796", "tags": ["x_refsource_MISC"], "url": "https://github.com/pion/dtls/pull/796"}, {"name": "https://github.com/pion/dtls/commit/61762dee8217991882c5eb79856b9e7a73ee349f", "tags": ["x_refsource_MISC"], "url": "https://github.com/pion/dtls/commit/61762dee8217991882c5eb79856b9e7a73ee349f"}, {"name": "https://github.com/pion/dtls/commit/90e241cfec2985715efdd3d005972847462a67d6", "tags": ["x_refsource_MISC"], "url": "https://github.com/pion/dtls/commit/90e241cfec2985715efdd3d005972847462a67d6"}, {"name": "https://github.com/pion/dtls/releases/tag/v3.0.11", "tags": ["x_refsource_MISC"], "url": "https://github.com/pion/dtls/releases/tag/v3.0.11"}, {"name": "https://github.com/pion/dtls/releases/tag/v3.1.1", "tags": ["x_refsource_MISC"], "url": "https://github.com/pion/dtls/releases/tag/v3.1.1"}], "affected": [{"vendor": "pion", "product": "dtls", "versions": [{"version": "= 3.1.0", "status": "affected"}, {"version": "< 3.0.11", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-13T14:18:02.707Z"}, "descriptions": [{"lang": "en", "value": "Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.0.10 and 3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a \"forbidden attack\". Upgrade to v3.0.11, v3.1.1, or later."}], "source": {"advisory": "GHSA-9f3f-wv7r-qc8r", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-12T21:23:09.377889Z", "id": "CVE-2026-26014", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-12T21:23:27.123Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-26014", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-12T21:23:09.377889Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-12T21:23:24.056Z"}}], "cna": {"title": "Pion DTLS uses random nonce generation with AES GCM ciphers risks leaking the authentication key", "source": {"advisory": "GHSA-9f3f-wv7r-qc8r", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "pion", "product": "dtls", "versions": [{"status": "affected", "version": "< 3.1.0"}]}], "references": [{"url": "https://github.com/pion/dtls/security/advisories/GHSA-9f3f-wv7r-qc8r", "name": "https://github.com/pion/dtls/security/advisories/GHSA-9f3f-wv7r-qc8r", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/pion/dtls/pull/796", "name": "https://github.com/pion/dtls/pull/796", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/pion/dtls/commit/61762dee8217991882c5eb79856b9e7a73ee349f", "name": "https://github.com/pion/dtls/commit/61762dee8217991882c5eb79856b9e7a73ee349f", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/pion/dtls/releases/tag/v3.1.0", "name": "https://github.com/pion/dtls/releases/tag/v3.1.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a \"forbidden attack\". Upgrade to v3.1.0 or later."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-11T21:07:50.187Z"}}}, "cveMetadata": {"cveId": "CVE-2026-26014", "state": "PUBLISHED", "dateUpdated": "2026-02-12T21:23:27.123Z", "dateReserved": "2026-02-09T21:36:29.554Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-11T21:07:50.187Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pion:dtls:*:*:*:*:*:*:*:*", "matchCriteriaId": "637DA08C-B336-461A-88BE-F52B88D93F00", "versionEndExcluding": "3.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.0.10 and 3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a \"forbidden attack\". Upgrade to v3.0.11, v3.1.1, or later."}], "id": "CVE-2026-26014", "lastModified": "2026-02-13T21:37:50.663", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-11T21:16:21.257", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/pion/dtls/commit/61762dee8217991882c5eb79856b9e7a73ee349f"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/pion/dtls/commit/90e241cfec2985715efdd3d005972847462a67d6"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://github.com/pion/dtls/pull/796"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/pion/dtls/releases/tag/v3.0.11"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/pion/dtls/releases/tag/v3.1.1"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/pion/dtls/security/advisories/GHSA-9f3f-wv7r-qc8r"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "github.com/pion/dtls: Pion DTLS uses random nonce generation with AES GCM ciphers risks leaking the authentication key", "id": "2439178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439178"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "(CWE-323|CWE-200)", "details": ["A vulnerability has been identified in the Pion DTLS implementation where the use of random nonce generation with AES-GCM ciphers does not adhere to recommended cryptographic practices. Under certain conditions, this may allow remote attackers to more easily derive or reuse encryption authentication keys, potentially leading to spoofed or compromised DTLS sessions during communication."], "mitigation": {"lang": "en:us", "value": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability."}, "name": "CVE-2026-26014", "package_state": [{"cpe": "cpe:/a:redhat:network_observ_optr:1", "fix_state": "Fix deferred", "package_name": "network-observability/network-observability-ebpf-agent-rhel9", "product_name": "Network Observability Operator"}, {"cpe": "cpe:/a:redhat:network_observ_optr:1", "fix_state": "Fix deferred", "package_name": "network-observability/network-observability-flowlogs-pipeline-rhel9", "product_name": "Network Observability Operator"}], "public_date": "2026-02-11T21:07:50Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-26014\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-26014\nhttps://github.com/pion/dtls/commit/61762dee8217991882c5eb79856b9e7a73ee349f\nhttps://github.com/pion/dtls/pull/796\nhttps://github.com/pion/dtls/releases/tag/v3.1.0\nhttps://github.com/pion/dtls/security/advisories/GHSA-9f3f-wv7r-qc8r"], "statement": "Red Hat Product Security classified this issue as Moderate severity, because an unauthenticated remote attacker could, in theory, take advantage of the improper nonce generation in Pion DTLS to more easily obtain the authentication key for AES-GCM ciphers and spoof or manipulate DTLS traffic. However, exploitation requires specific conditions and a detailed understanding of the protocol, contributing to a higher attack complexity. Additionally, there is no direct effect on data integrity or availability solely from this issue, and successful exploitation typically requires carefully crafted, protocol-level interactions. These factors limit the practical risk in most real-world deployments.", "threat_severity": "Moderate"}