Critical Mbed TLS Flaws Enable Buffer Overflow and Potential Code Execution
Two high-severity vulnerabilities were disclosed in Mbed TLS: a buffer overflow during FFDH public key export, tracked as CVE-2026-34875, and a memory-corruption issue in the handling of serialized SSL context or session structures, tracked as CVE-2026-34877. The first affects Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0; the second affects Mbed TLS 2.19.0 through 3.6.5 as well as 4.0.0. Both carry the CVSS v3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8): network-reachable, low attack complexity, no privileges or user interaction required, and high impact on confidentiality, integrity, and availability.
CVE-2026-34875 is classified as CWE-120 (classic buffer overflow) and is triggered while exporting an FFDH public key. CVE-2026-34877 is classified as CWE-502 (deserialization of untrusted data) and CWE-250 (execution with unnecessary privileges) and can lead to arbitrary code execution if an attacker can alter a serialized SSL context or session before the library parses it. In practice that means any session cache, ticket store, or file that holds such blobs sits inside the trust boundary and must be integrity-protected or writable only by the application itself. Mbed TLS security advisories were published for both flaws. Organizations that embed the library in network-facing products, cryptographic services, or TLS-enabled applications should identify the versions they ship and follow vendor guidance immediately.
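As an added illustration of the mitigation implied by CVE-2026-34877 (this is not code from the Mbed TLS project or the advisories), the following Python wraps an opaque serialized-session blob in an HMAC-SHA256 envelope and refuses to release the blob to the deserializer unless every byte of the envelope verifies. The envelope layout, the `seal_blob`/`open_blob` names and the sample blob are assumptions made for this example; in a real deployment the key would come from a keystore and the unwrapped blob would then be handed to the library's session or context load routine.

```python
import hashlib
import hmac
import os
import struct

# Hypothetical envelope format (an assumption for this example, not an Mbed TLS format):
#   MAGIC(4) || VERSION(1) || LEN(4, big-endian) || BLOB(LEN) || TAG(32)
MAGIC = b"SESS"
ENVELOPE_VERSION = 1
TAG_LEN = hashlib.sha256().digest_size
HDR_LEN = len(MAGIC) + 1 + 4


def _mac(key: bytes, header: bytes, blob: bytes) -> bytes:
    # The header is covered too, so the length and version fields cannot be altered.
    return hmac.new(key, header + blob, hashlib.sha256).digest()


def seal_blob(key: bytes, blob: bytes) -> bytes:
    """Wrap an opaque serialized-session blob with an HMAC-SHA256 tag."""
    header = MAGIC + struct.pack(">BI", ENVELOPE_VERSION, len(blob))
    return header + blob + _mac(key, header, blob)


def open_blob(key: bytes, envelope: bytes) -> bytes:
    """Return the blob only if the envelope is intact; raise ValueError otherwise.

    Every check runs *before* the blob is given to the deserializer, so a
    tampered blob never reaches the library's session/context load routine.
    """
    if len(envelope) < HDR_LEN + TAG_LEN:
        raise ValueError("envelope too short")
    header, rest = envelope[:HDR_LEN], envelope[HDR_LEN:]
    if header[:4] != MAGIC:
        raise ValueError("bad magic")
    version, blob_len = struct.unpack(">BI", header[4:])
    if version != ENVELOPE_VERSION:
        raise ValueError("unsupported envelope version")
    if len(rest) != blob_len + TAG_LEN:
        raise ValueError("length field does not match envelope size")
    blob, tag = rest[:blob_len], rest[blob_len:]
    if not hmac.compare_digest(tag, _mac(key, header, blob)):
        raise ValueError("authentication failed")
    return blob


def survives_tamper(key: bytes, envelope: bytes, offset: int) -> bool:
    """Flip one bit at `offset` and report whether open_blob still accepts the envelope."""
    mutated = bytearray(envelope)
    mutated[offset] ^= 0x01
    try:
        open_blob(key, bytes(mutated))
        return True
    except ValueError:
        return False


def demo() -> bool:
    """Seal a constructed blob, then confirm that no single-bit change anywhere is accepted."""
    key = os.urandom(32)  # per-deployment secret; in practice loaded from a keystore
    # Constructed stand-in for a serialized session; not real Mbed TLS output.
    blob = b"\x03\x06\x05\x00" + os.urandom(64)
    env = seal_blob(key, blob)
    assert open_blob(key, env) == blob
    return all(not survives_tamper(key, env, i) for i in range(len(env)))


if __name__ == "__main__":
    print("tamper check passed:", demo())
```

The length field is validated against the actual envelope size before the MAC is checked, and the MAC covers header and payload together, so neither a truncated nor a length-rewritten blob is ever passed on; the key comparison uses `hmac.compare_digest` to avoid a timing side channel on the tag.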
Timeline
Apr 2, 2026
CVE-2026-34877 disclosed for Mbed TLS serialized SSL/session memory corruption
A second Mbed TLS vulnerability, CVE-2026-34877, was disclosed affecting versions 2.19.0 through 3.6.5 and 4.0.0. The issue involves unsafe handling of serialized SSL context or session structures that can enable arbitrary code execution, with references to Mbed TLS security advisories.
Apr 1, 2026
CVE-2026-34875 published for Mbed TLS FFDH key export overflow
A new vulnerability, CVE-2026-34875, was published affecting Mbed TLS through version 3.6.5 and TF-PSA-Crypto 1.0.0. The flaw is a buffer overflow during FFDH public key export and was documented with high-impact CVSS scoring and Mbed TLS advisory references.
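An added example (not from the Mbed TLS project) of the inventory check these version ranges call for: a Python scanner that finds `MBEDTLS_VERSION_STRING` in vendored copies of `build_info.h` or `version.h` and reports which of the two CVEs list that version as affected. The ranges are the ones stated above; because the page does not state the fixed versions, a version outside a listed range is reported as not listed rather than as fixed, and TF-PSA-Crypto 1.0.0 (listed for CVE-2026-34875) is not parsed by this script. The source tree that `demo()` builds is constructed for the example.

```python
import re
import tempfile
from pathlib import Path

# Affected ranges exactly as stated in the advisory summaries above (inclusive bounds).
# Fixed versions are not stated there, so only "inside a listed range" is reported.
AFFECTED = {
    "CVE-2026-34875": [((0, 0, 0), (3, 6, 5))],
    "CVE-2026-34877": [((2, 19, 0), (3, 6, 5)), ((4, 0, 0), (4, 0, 0))],
}

# Mbed TLS 2.x carries this define in version.h, 3.x/4.x in build_info.h.
VERSION_RE = re.compile(r'#define\s+MBEDTLS_VERSION_STRING\s+"(\d+)\.(\d+)\.(\d+)"')


def parse_version(text: str):
    """Return (major, minor, patch) from a header's MBEDTLS_VERSION_STRING, or None."""
    m = VERSION_RE.search(text)
    return tuple(int(x) for x in m.groups()) if m else None


def affected_cves(version) -> list:
    """List the CVEs whose stated ranges include `version`."""
    return [
        cve
        for cve, ranges in AFFECTED.items()
        if any(lo <= version <= hi for lo, hi in ranges)
    ]


def scan_tree(root) -> dict:
    """Walk a source tree for vendored Mbed TLS headers and map each to its version and CVEs."""
    results = {}
    for path in Path(root).rglob("*.h"):
        if path.name not in ("build_info.h", "version.h"):
            continue
        try:
            version = parse_version(path.read_text(errors="replace"))
        except OSError:
            continue
        if version:
            results[str(path)] = {"version": version, "cves": affected_cves(version)}
    return results


def demo() -> list:
    """Build a constructed tree with one vendored Mbed TLS copy and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        hdr = Path(tmp, "third_party", "mbedtls", "include", "mbedtls", "build_info.h")
        hdr.parent.mkdir(parents=True)
        hdr.write_text('#define MBEDTLS_VERSION_STRING "3.6.5"\n')
        return [entry["cves"] for entry in scan_tree(tmp).values()]


if __name__ == "__main__":
    import sys
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, entry in scan_tree(root).items():
        print(path, ".".join(map(str, entry["version"])), entry["cves"] or "not in a listed range")
```

Run it against a firmware or product source tree to find every embedded copy of the library; the same version tuple comparison can be reused once the vendor publishes the fixed releases, by adding those as the upper bounds.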
Related Stories

Heap Buffer Overflow Flaws Disclosed in wolfSSL DTLS and Wireshark TLS Parsing
Two high-severity memory-corruption vulnerabilities were disclosed in widely used TLS-related software components. **CVE-2026-5264** affects wolfSSL and stems from DTLS 1.3 ACK message processing, where a remote attacker can send a crafted ACK packet to trigger a heap buffer overflow. The flaw is classified as `CWE-122` and is network-reachable with low attack complexity and no privileges or user interaction required, raising concern for applications that expose DTLS 1.3 services. A separate flaw, **CVE-2026-5402**, was disclosed in Wireshark’s TLS protocol dissector and affects versions `4.6.0` through `4.6.4`. The vulnerability is also a heap-based buffer overflow (`CWE-122`) and could allow denial of service and possible code execution when malicious traffic is processed, with the CVSS vector indicating high impact to confidentiality, integrity, and availability. Public references point to a wolfSSL GitHub pull request for the DTLS issue and to a GitLab issue and official Wireshark security advisory for the dissector flaw.
3 days ago
rust-openssl Flaws Enable Memory Disclosure and Buffer Overwrite
Two high-severity vulnerabilities were disclosed in **rust-openssl**, the Rust bindings for OpenSSL, affecting multiple `0.9.x` and `0.10.x` releases prior to **`0.10.78`**. **`CVE-2026-41898`** affects versions from `0.9.24` up to, but not including, `0.10.78`, where several FFI trampoline callback paths passed a closure-returned `usize` to OpenSSL without validating it against the output buffer size. The flaw can trigger buffer overflows and leak adjacent memory to a network peer, and it is mapped to **`CWE-126`** and **`CWE-130`**. A second issue, **`CVE-2026-41681`**, affects versions from `0.10.39` up to, but not including, `0.10.78`, in `MdCtxRef::digest_final()`, which writes `EVP_MD_CTX_size(ctx)` bytes to the caller buffer without checking whether the buffer is large enough. The resulting out-of-bounds write can cause stack corruption and is reachable from safe Rust, with the weakness classified as **`CWE-121`**. Both vulnerabilities were addressed in **`rust-openssl 0.10.78`**, with public advisories, code references, and fix details released alongside the CVE records.
1 week ago
OpenSSL January Security Update Fixes CMS and PKCS#12 Stack Overflows With RCE Risk
**OpenSSL released a security update on January 27, 2026**, addressing **12 vulnerabilities** across supported branches, including **one High-severity issue with potential remote code execution (RCE)**, one Moderate, and multiple Low-severity flaws. The most serious vulnerability, **CVE-2025-15467 (High)**, is a **pre-authentication stack buffer overflow** in **CMS `AuthEnvelopedData` parsing** when using AEAD ciphers (e.g., **AES-GCM**); a crafted CMS message with an **oversized IV in ASN.1 parameters** can trigger a crash and may enable code execution in applications that parse **untrusted CMS/PKCS#7 content** (notably **S/MIME** workflows). Both sources emphasize that while **DoS is the most likely outcome in many environments**, the presence of a stack write primitive makes the issue operationally significant where untrusted CMS is processed. A second notable issue, **CVE-2025-11187 (Moderate)**, involves a **stack overflow during PKCS#12 MAC verification** (PBMAC1/PBKDF2-related validation), where attacker-controlled parameters (e.g., key length) can lead to crashes and potentially more severe impact when processing **untrusted PKCS#12 files** (e.g., certificate import/export, PKI/CA tooling). Affected versions called out include **OpenSSL 3.x** (with additional low-severity issues spanning older branches such as **1.0.2 and 1.1.1**), and patched releases include **3.6.1, 3.5.5, 3.4.4, 3.3.6, and 3.0.19** (with corresponding fixes for older maintained lines). Datadog notes **OpenSSL 3.x FIPS modules are not affected** by the highlighted CMS and PKCS#12 overflow issues, and both sources point to higher risk in services that ingest these formats from external or user-supplied inputs (e.g., S/MIME gateways, certificate management services).
1 month ago