CVE-2026-34582
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk14th percentile — higher than 14% of all known CVEs
Summary
The Botan C++ cryptography library prior to version 3.11.1 has a vulnerability in its TLS 1.3 implementation that allows processing of ApplicationData records before the Finished message is received. A client can bypass certificate-based authentication by omitting Certificate, CertificateVerify, and Finished messages and instead sending application data records.
Risk Assessment
The risk is that an attacker can bypass client authentication, potentially gaining unauthorized access to a server that enforces client certificate verification.
Recommendation
It is recommended to immediately upgrade Botan to version 3.11.1 or later, which contains the fix for this vulnerability.
Original NVD description (English source)
Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by a client which entirely omits Certificate, CertificateVerify, and the Finished message and instead sends application data records. This vulnerability is fixed in 3.11.1.

