CVE-2026-5246
Received Received - Intake
Authorization Bypass in Cesanta Mongoose P-384 TLS Verification

Publication date: 2026-04-02

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mg_tls_verify_cert_signature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized. Upgrading to version 7.21 is able to address this issue. This patch is called 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-02
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-04-02
EPSS Evaluated
2026-06-14
NVD
CVE-2026-5246
EUVD
EUVD-2026-18184
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
cesanta mongoose From 7.0 (inc) to 7.21 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-285 The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
CWE-639 The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Cesanta Mongoose up to version 7.20, specifically in the function mg_tls_verify_cert_signature within the mongoose.c file, which handles the P-384 Public Key. An attacker can manipulate this function to bypass authorization.

The attack can be executed remotely but is considered highly complex and difficult to exploit. The vulnerability has been publicly disclosed, and an exploit may be available.

Upgrading to version 7.21 of Cesanta Mongoose addresses this issue.

Impact Analysis

This vulnerability can lead to an authorization bypass, meaning an attacker could gain unauthorized access or privileges within the affected system.

Since the attack can be performed remotely, it increases the risk of unauthorized access from external sources.

However, the exploit is considered highly complex and difficult to execute, which may reduce the likelihood of successful attacks.

Mitigation Strategies

The immediate step to mitigate this vulnerability is to upgrade Cesanta Mongoose to version 7.21, which contains the patch 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1 that fixes the issue.

Upgrading the affected component is recommended as the vendor has released this fixed version promptly after being contacted.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-5246. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart