67 matches found
Admidio PKCS#12 private key export action lacks CSRF protection
Summary: The sensitive mode=export action in modules/sso/keys.php exports a PKCS12 bundle containing the configured private key and certificate, but the CSRF validation line is commented out. A forged cross-site POST from an administrator session can therefore trigger private key export without a...
GHSA-4RGQ-38MH-9XQG Admidio PKCS#12 private key export action lacks CSRF protection
Summary: The sensitive mode=export action in modules/sso/keys.php exports a PKCS12 bundle containing the configured private key and certificate, but the CSRF validation line is commented out. A forged cross-site POST from an administrator session can therefore trigger private key export without a...
libssh: Double Free Vulnerability in libssh Key Export Functions
A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additiona...
CVE-2026-43088
CVE-2026-43088 (Linux kernel) affects PF_KEY export paths in the net: af_key code, where IPv6 sockaddr payloads were not fully initialized in certain export messages (SADB_ACQUIRE, SADB_X_NAT_T_NEW_MAPPING, SADB_X_MIGRATE). The issue arises because pfkey_sockaddr_size() reserves 32 bytes for IPv6...
Linux kernel security vulnerability
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the last four bytes of the sockaddr_in6 structure in the PF_KEY export path are not...
Linux Distros Unpatched Vulnerability : CVE-2026-43088
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: af_key: zero aligned sockaddr tail in PF_KEY exports. PF_KEY export paths use pfkey_sockaddr_size() when reserving sockaddr payload space, so IPv6 addresses occupy...
SUSE CVE-2026-34875
An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys...
Linux Distros Unpatched Vulnerability : CVE-2026-34875
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys. CVE-2026-34875 Note...
CVE-2026-34875
A flaw was found in Mbed TLS and TF-PSA-Crypto. This vulnerability, a buffer overflow, occurs during the export of public keys for FFDH (Finite Field Diffie-Hellman) keys. A remote attacker could exploit this to potentially execute arbitrary code, gaining full control over the affected system, or...
EUVD-2026-17993
An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys...
CVE-2026-34875
An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys...
DEBIAN-CVE-2026-34875
An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys...
UBUNTU-CVE-2026-34875
An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys...
Buffer Overflow
Overview: Affected versions of this package are vulnerable to Buffer Overflow via the FFDH public key export in the psa_export_public_key function. An attacker can execute arbitrary code or cause a denial of service by sending specially crafted input to the affected process. Remediation: Upgrade mbedt...
PT-2026-29582
Name of the Vulnerable Software and Affected Versions: Mbed TLS versions through 3.6.5; TF-PSA-Crypto version 1.0.0. Description: A buffer overflow can occur during the public key export process for FFDH keys. Recommendations: Update Mbed TLS to a version later than 3.6.5. Update TF-PSA-Crypto to a...
Mbed TLS security vulnerability
Mbed TLS is an open-source, portable, easy-to-use, readable, and flexible SSL library developed by Mbed TLS. Mbed TLS versions 3.6.5 and earlier, as well as TF-PSA-Crypto version 1.0.0, have security vulnerabilities. These vulnerabilities stem from a buffer overflow issue during the export of the...