These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-34876 is an out-of-bounds read vulnerability in Mbed TLS 3.x before 3.6.6. The vulnerability exists in the mbedtls_ccm_finish() function in library/ccm.c, which allows attackers to obtain adjacent CCM context data via invocation of the multipart CCM API with an oversized tag_len parameter. This is caused by missing validation of the tag_len parameter against the size of the internal 16-byte authe [truncated]
CVE-2026-25833 is a HIGH severity vulnerability in Mbed TLS, a cryptographic library. The vulnerability is caused by a buffer overflow in the x509_inet_pton_ipv6() function. It affects Mbed TLS versions from 3.5.0 to 3.6.5 and 4.0.0. The vulnerability was published on [cvePublishedAt] and last modified on [cveModifiedAt].
A buffer overflow vulnerability was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. The issue occurs in the public key export for FFDH keys. This vulnerability has a CVSS score of 9.8 and is classified as CRITICAL.