{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34582", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-30T16:56:30.999Z", "datePublished": "2026-04-07T21:13:49.281Z", "dateUpdated": "2026-04-08T15:41:21.671Z"}, "containers": {"cna": {"title": "Botan has a TLS 1.3 certificate authentication bypass", "problemTypes": [{"descriptions": [{"cweId": "CWE-841", "lang": "en", "description": "CWE-841: Improper Enforcement of Behavioral Workflow", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/randombit/botan/security/advisories/GHSA-pxcj-9ppx-g86g", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/randombit/botan/security/advisories/GHSA-pxcj-9ppx-g86g"}], "affected": [{"vendor": "randombit", "product": "botan", "versions": [{"version": "< 3.11.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-07T21:13:49.281Z"}, "descriptions": [{"lang": "en", "value": "Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by a client which entirely omits Certificate, CertificateVerify, and the Finished message and instead sends application data records. This vulnerability is fixed in 3.11.1."}], "source": {"advisory": "GHSA-pxcj-9ppx-g86g", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-08T15:41:07.742535Z", "id": "CVE-2026-34582", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-08T15:41:21.671Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34582", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-30T16:56:30.999Z", "datePublished": "2026-04-07T21:13:49.281Z", "dateUpdated": "2026-04-08T15:41:21.671Z"}, "containers": {"cna": {"title": "Botan has a TLS 1.3 certificate authentication bypass", "problemTypes": [{"descriptions": [{"cweId": "CWE-841", "lang": "en", "description": "CWE-841: Improper Enforcement of Behavioral Workflow", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/randombit/botan/security/advisories/GHSA-pxcj-9ppx-g86g", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/randombit/botan/security/advisories/GHSA-pxcj-9ppx-g86g"}], "affected": [{"vendor": "randombit", "product": "botan", "versions": [{"version": "< 3.11.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-07T21:13:49.281Z"}, "descriptions": [{"lang": "en", "value": "Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by a client which entirely omits Certificate, CertificateVerify, and the Finished message and instead sends application data records. This vulnerability is fixed in 3.11.1."}], "source": {"advisory": "GHSA-pxcj-9ppx-g86g", "discovery": "UNKNOWN"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34582", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-08T15:41:07.742535Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-08T15:41:17.903Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*", "matchCriteriaId": "25A3A356-B073-49F5-BC6C-959E42E1D4F7", "versionEndIncluding": "3.11.0", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by a client which entirely omits Certificate, CertificateVerify, and the Finished message and instead sends application data records. This vulnerability is fixed in 3.11.1."}], "id": "CVE-2026-34582", "lastModified": "2026-04-17T20:31:27.753", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-07T22:16:22.810", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory", "Mitigation"], "url": "https://github.com/randombit/botan/security/advisories/GHSA-pxcj-9ppx-g86g"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-841"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "botan: Botan: Client authentication bypass in TLS 1.3 implementation", "id": "2456285", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456285"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "status": "draft"}, "cwe": "CWE-166", "details": ["A flaw was found in Botan, a C++ cryptography library. The TLS 1.3 implementation in Botan allows application data to be processed before the TLS handshake is fully completed. A remote attacker can exploit this by omitting critical client authentication messages, such as the Certificate, CertificateVerify, and Finished messages, and instead sending application data. This vulnerability enables a client to bypass server-enforced client authentication, potentially leading to unauthorized access."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-34582", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "rust-sequoia-sq", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "rust-sequoia-sqv", "product_name": "Red Hat Enterprise Linux 10"}], "public_date": "2026-04-07T21:13:49Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-34582\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-34582\nhttps://github.com/randombit/botan/security/advisories/GHSA-pxcj-9ppx-g86g"], "threat_severity": "Important"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.11.1)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "botan", "source": "cna", "vendor": "randombit"}, "product": "botan", "vendor": "randombit"}], "analysis": {"en": {"generated_at": "2026-04-08T13:51:33.186957+00:00", "value": {"mitigation_remediation": ["Update Botan to version 3.11.1 or later", "Verify that the TLS 1.3 handshake enforces certificate authentication after the Finished message", "If upgrading is delayed, temporarily disable client certificate authentication or implement additional server\u2011side validation of client certificates"], "summary": {"action": "Immediate Patch", "impact": "Server certificate authentication bypass leading to unauthorized client access"}, "threat_synthesis": {"affected_systems": "The randomBit Botan cryptographic library versions earlier than 3.11.1 are affected. Systems that use Botan for TLS 1.3 and enforce mutual authentication are vulnerable.", "description_and_impact": "A client can send ApplicationData records before the Finished message, bypassing TLS 1.3 certificate authentication. The flaw originates from the library not validating the order of handshake messages. An attacker can therefore access services that require client certificates without presenting a valid cert, compromising confidentiality and integrity.", "risk_and_exploitability": "The CVSS score of 8.7 indicates significant risk. EPSS data is not available. The attack can be performed by an arbitrary client that sends premature application data, so no special conditions are required. This bypass permits unauthorized access, so the risk is high."}}}}, "created": "2026-04-08T19:34:09.756806+00:00", "updated": "2026-04-08T19:45:35.901205+00:00", "vendors": ["randombit", "randombit$PRODUCT$botan"]}