CVE-2026-25834

6.5 MEDIUM

Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade

Published: 2026-04-01 · Last updated: 2026-06-05

Severity and scoring

Vendor	Product
trustedfirmware	mbed_tls

Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade.

Source: NVD

Same vendor

CVE-2026-45702 — OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using t... (4.4 MEDIUM)
CVE-2026-45614 — OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using t... (4.7 MEDIUM)
CVE-2026-40290 — OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using t... (7.8 HIGH)
CVE-2026-33662 — OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using t... (7.5 HIGH)
CVE-2026-33317 — OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using t... (8.7 HIGH)

Same CWE

CVE-2025-71261 — An attacker with network-level access between the SUSE Virtualization and Rancher Manager in SUSE Harvester before 1.8.0 could interfere... (8.6 HIGH)
CVE-2026-9261 — Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier (6.8 MEDIUM)
CVE-2026-9259 — Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier (6.5 MEDIUM)
CVE-2026-9258 — Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier (6.5 MEDIUM)
CVE-2026-45388 — In OCaml-TLS before 2.1.0, the client implementation does insufficient checks of the certificate provided by the server, which allows imp... (9.1 CRITICAL)