CVE-2026-34582
TLS 1.3 Authentication Bypass in Botan Cryptography Library
Publication date: 2026-04-07
Last updated on: 2026-04-17
Assigner: GitHub, Inc.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| botan_project | botan | From 3.0.0 (inc) to 3.11.0 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-841 | The product supports a session in which more than one behavior must be performed by an actor, but it does not properly ensure that the actor performs the behaviors in the required sequence. |
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed in Botan version 3.11.1. Immediate mitigation involves upgrading the Botan cryptography library to version 3.11.1 or later.
Can you explain this vulnerability to me?
This vulnerability exists in the Botan C++ cryptography library's TLS 1.3 implementation prior to version 3.11.1. It allows ApplicationData records to be processed before the Finished message is received during a TLS handshake.
Specifically, a client can bypass certificate-based client authentication on a server that enforces it by omitting the Certificate, CertificateVerify, and Finished messages and sending application data records directly.
The client thereby skips the authentication steps and still has its application data processed by the server.
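The ordering requirement described above (CWE-841) can be seen in a small state-machine model. This is an added example, not Botan's code: the `ServerModel` class, its states and the `delivered` helper are hypothetical, and the model assumes mandatory client certificates and performs no cryptography.

```cpp
#include <iostream>
#include <vector>

// Simplified model of the client's second flight as a TLS 1.3 server sees it.
// Assumption: client certificates are mandatory; no signatures or MACs are checked.
enum class Msg { Certificate, CertificateVerify, Finished, ApplicationData };
enum class State { WaitCert, WaitCertVerify, WaitFinished, Connected, Failed };

class ServerModel {
public:
    explicit ServerModel(bool gate_app_data) : gate_(gate_app_data) {}

    // Returns true only when an ApplicationData record reaches the application.
    bool receive(Msg m) {
        if (state_ == State::Failed) return false;  // connection already aborted
        if (m == Msg::ApplicationData) {
            // Gated: data is accepted only after the client's Finished message.
            if (gate_ && state_ != State::Connected) { state_ = State::Failed; return false; }
            return true;  // ungated model delivers regardless of handshake state
        }
        // Handshake messages must arrive in the required order.
        if (m == Msg::Certificate && state_ == State::WaitCert) state_ = State::WaitCertVerify;
        else if (m == Msg::CertificateVerify && state_ == State::WaitCertVerify) state_ = State::WaitFinished;
        else if (m == Msg::Finished && state_ == State::WaitFinished) state_ = State::Connected;
        else state_ = State::Failed;  // out of order: treat as unexpected_message
        return false;
    }

private:
    bool gate_;
    State state_ = State::WaitCert;
};

// Counts application records delivered for a constructed client message sequence.
int delivered(bool gate, const std::vector<Msg>& flight) {
    ServerModel s(gate);
    int n = 0;
    for (Msg m : flight) n += s.receive(m) ? 1 : 0;
    return n;
}

int main() {
    std::cout << "ungated, data only: " << delivered(false, {Msg::ApplicationData}) << "\n";
    std::cout << "gated, data only:   " << delivered(true, {Msg::ApplicationData}) << "\n";
}
```

A regression test for a TLS server can use the same shape: assert that no application data is delivered unless the handshake state is connected.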
How can this vulnerability impact me?
This vulnerability can allow an attacker to bypass client authentication on a server using Botan's TLS 1.3 implementation prior to version 3.11.1.
As a result, unauthorized clients could send application data without proving their identity, potentially leading to unauthorized access or data exposure.
This undermines the security guarantees of TLS client authentication and could compromise the confidentiality and integrity of communications.