CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/05/27 4:34 p.m.•7 views

CVE-2026-44378

6.9CVSS5.8AI score0.00324EPSS

Exploits0References2Affected Software1

CNNVD•added 2026/05/27 12:0 a.m.•9 views

Botan 安全漏洞

Botan is a C++ encryption library developed by Jack Lloyd as an individual project. Versions of Botan prior to 3.12.0 contained security vulnerabilities. These vulnerabilities were caused byBER data, which led to reassembly behavior by the parser, potentially resulting in denial-of-service attack...

7.5CVSS5.8AI score0.00324EPSS

Fedora•added 2026/04/28 1:36 a.m.•5 views

[SECURITY] Fedora 44 Update: botan3-3.9.0-7.fc44

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \11 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

9.3CVSS5.2AI score0.00278EPSS

Exploits0

OSV•added 2026/04/20 8:27 a.m.•5 views

OPENSUSE-SU-2026:20566-1 Security update for Botan

This update for Botan fixes the following issue: - CVE-2026-32884: Certificate validation bypass due to mixed-case Common Name in X.509 certificates bsc1261993...

5.9CVSS5.8AI score0.00158EPSS

Exploits0References2

SUSE CVE•added 2026/04/13 11:26 p.m.•4 views

SUSE CVE-2026-32884

Botan is a C++ cryptography library. Prior to version 3.11.0, during processing of an X.509 certificate path using name constraints which restrict the set of allowable DNS names, if no subject alternative name is defined in the end-entity certificate Botan would check that the CN was allowed by t...

5.9CVSS5.7AI score0.00158EPSS

SUSE CVE•added 2026/04/10 11:25 p.m.•4 views

SUSE CVE-2026-34580

Botan is a C++ cryptography library. In 3.11.0, the function CertificateStore::certificateknown had a misleading name; it would return true if any certificate in the store had a DN and subject key identifier, if set matching that of the argument. It did not check that the cert it found and the ce...

RedhatCVE•added 2026/04/08 9:31 a.m.•2 views

CVE-2026-34580

A flaw was found in Botan, a C++ cryptography library. Due to a misleading function name and an assumption in path validation logic, an end entity certificate could be incorrectly accepted as a trusted root. This occurs when the end entity certificate's Distinguished Name DN and Subject Key...

RedhatCVE•added 2026/04/08 9:24 a.m.•1 views

CVE-2026-34582

A flaw was found in Botan, a C++ cryptography library. The TLS 1.3 implementation in Botan allows application data to be processed before the TLS handshake is fully completed. A remote attacker can exploit this by omitting critical client authentication messages, such as the Certificate,...

9.1CVSS5.9AI score0.00198EPSS

Tenable Nessus•added 2026/04/08 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-34580

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Botan is a C++ cryptography library. In 3.11.0, the function CertificateStore::certificateknown had a misleading name; it would return true if any certificate i...

OSV•added 2026/04/07 10:16 p.m.•3 views

ALPINE-CVE-2026-34582

Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by a client which...

9.1CVSS5.4AI score0.00198EPSS

NVD•added 2026/04/07 10:16 p.m.•1 views

CVE-2026-34580

9.3CVSS0.00189EPSS

UbuntuCve•added 2026/04/07 10:16 p.m.•2 views

CVE-2026-34582

9.1CVSS5.9AI score0.00198EPSS

OSV•added 2026/04/07 10:16 p.m.•4 views

UBUNTU-CVE-2026-34582

9.1CVSS5.8AI score0.00198EPSS

OSV•added 2026/04/07 10:16 p.m.•2 views

UBUNTU-CVE-2026-34580