2026.07.02 18:51:20 (Mastodon 116851886037216139, Twitter 2072755024770580574) from Daniel J. Bernstein:
Wasn't someone saying a moment ago that ML-KEM is super-easy to implement correctly? How do we explain https://www.cve.org/CVERecord?id=CVE-2026-6330, then? Offhand I'd think this one isn't exploitable, but we'll see more and more ML-KEM bugs, and some of them will be severe vulnerabilities.