anagnorisis.cloudSign in

← Hourlies

Hourly ·

AI Audit Pipeline Unearths Seven Real Bugs in Cloudflare's Crypto Library

zkSecurity pointed its AI audit pipeline at Cloudflare's CIRCL experimental cryptography library and confirmed seven real vulnerabilities — all now fixed upstream and most awarded bounties on HackerOne.

AI Audit Pipeline Unearths Seven Real Bugs in Cloudflare's Crypto Library

An automated AI audit pipeline has found seven genuine, previously unknown bugs in Cloudflare's CIRCL library — a collection of advanced and post-quantum cryptographic implementations used in production systems.

The findings were published today by zkSecurity, the firm behind the AI audit agent zkao. Their pipeline scanned CIRCL and surfaced a range of vulnerabilities, from a critical access-control break in attribute-based encryption to subtle precision-loss bugs in threshold RSA.

All seven bugs have been fixed by Cloudflare and most were awarded bounties through the company's HackerOne program. The complete list:

CP-ABE access-control break (Critical): A one-line mistake in AND-share logic allowed unauthorized decryption in ciphertext-policy attribute-based encryption.

BLS aggregate verification without message distinctness (High): The BLS aggregate signature verification accepted aggregated signatures without requiring distinct messages, enabling signature forgery across repeated messages.

HPKE PSK validation bypass (Medium): A bitwise-OR switch in the Hybrid Public Key Encryption pre-shared key validation allowed invalid keys to pass through silently.

Lagrange coefficients in int64 (Medium): Threshold secret-sharing polynomial evaluation used int64 instead of big integers, causing overflow for large parameters.

Float64 polynomial evaluation (Low): The TSS/RSA implementation evaluated recovery polynomials in float64, losing precision for larger threshold configurations.

DLEQ forgery via prover-controlled security parameter (Low): The discrete-log equality proof allowed the prover to manipulate a security parameter, breaking soundness.

DLEQ soundness break via FillBytes collision (Low): A sign collision in the FillBytes routine broke the soundness guarantee of the DLEQ proof system.

The AI produced candidate findings, not final reports. Human researchers on zkSecurity's team validated each issue, checked exploitability, minimized proofs of concept, and handled disclosure. Cloudflare's own severity ratings differed from the AI's in several cases — the CP-ABE bug was correctly flagged as Critical by both, but the float64 precision loss received only a "Low" from Cloudflare after triage.

The bugs were found using combinations of Claude Opus 4.6 with expert-crafted skills, GPT-5.3 with skills, and zkao running independently. In most cases, zkao not only replicated the findings but also discovered more complex and more severe issues on its own.

Sources: ZK/SEC Quarterly

More Hourlies Stories

Content on Anagnorisis is summarized, paraphrased, and editorialized from publicly available sources for length and clarity. Original sources are linked where available. All trademarks belong to their respective owners.

More from Anagnorisis