{"affected":[{"ecosystem_specific":{"binaries":[{"libsodium23":"1.0.18-slfo.1.1_3.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.1","name":"libsodium","purl":"pkg:rpm/suse/libsodium&distro=SUSE%20Linux%20Micro%206.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.18-slfo.1.1_3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for libsodium fixes the following issues:\n\n- CVE-2025-15444: Fixed cryptographic bypass via improper elliptic curve point validation (bsc#1256070).\n- CVE-2025-69277: Fixed incorrect validation of elliptic curve points in crypto_core_ed25519_is_valid_point function (bsc#1255764).\n","id":"SUSE-SU-2026:20484-1","modified":"2026-02-17T09:37:03Z","published":"2026-02-17T09:37:03Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2026/suse-su-202620484-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1255764"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256070"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-15444"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-69277"}],"related":["CVE-2025-15444","CVE-2025-69277"],"summary":"Security update for libsodium","upstream":["CVE-2025-15444","CVE-2025-69277"]}