CVE-2026-34875

Published: Apr 01, 2026 Last Modified: Apr 01, 2026
ExploitDB:
Other exploit source:
Google Dorks:
CRITICAL 9,8
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high

Description

AI Translation Available

An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys.

120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Incomplete
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Confidentiality Availability
Potential Impacts:
Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu)
Applicable Platforms
Languages: Assembly, C, C++, Memory-Unsafe
Likelihood of Exploit: High
View CWE Details
https://mbed-tls.readthedocs.io/en/latest/security-advisori…
https://mbed-tls.readthedocs.io/en/latest/security-advisories/
https://mbed-tls.readthedocs.io/en/latest/security-advisori…
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-…