CVE-2025-64767 CRITICAL

CVE-2025-64767: hpke-js reuses AEAD nonces

Vendor Dajiaji
Product hpke-js
Weakness CWE-323
Published November 21, 2025
Last update November 21, 2025

CVSS base score

9.1/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

What the vulnerability does

01Description

hpke-js is a Hybrid Public Key Encryption (HPKE) module built on top of Web Cryptography API. Prior to version 1.7.5, the public SenderContext Seal() API has a race condition which allows for the same AEAD nonce to be re-used for multiple Seal() calls. This can lead to complete loss of Confidentiality and Integrity of the produced messages. This issue has been patched in version 1.7.5.

Key dates

02Disclosure timeline

November 21, 2025 CVE published
November 21, 2025 Record updated