CVE-2026-34873 | mbed TLS up to 3.5.0/4.0.0 TLS 1.3 Session privilege escalation

April 2, 2026 Yanac

A vulnerability was found in mbed TLS up to 3.5.0/4.0.0 and classified as critical. Affected by this issue is some unknown functionality of the component TLS 1.3 Session Handler. Such manipulation leads to privilege escalation.

This vulnerability is documented as CVE-2026-34873. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2026-34562 | ci4-cms-erp ci4ms 0.28.5.0 Setting cross site scripting (GHSA-v897-c6vq-6cr3)
CVE-2026-34561 | ci4-cms-erp ci4ms 0.28.5.0 Setting cross site scripting (GHSA-gcfj-cf7j-vwgj)