CVE-2026-34582
Published: 07 April 2026
Summary
CVE-2026-34582 is a critical-severity Improper Enforcement of Behavioral Workflow (CWE-841) vulnerability in the Botan Project's Botan library. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 9.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly requires identification, reporting, and timely remediation of known flaws like CVE-2026-34582 by patching Botan to version 3.11.1.
- Session authenticity: protects the authenticity of communication sessions by ensuring TLS handshakes complete properly before application data is processed, mitigating the bypass of client certificate authentication.
- RA-5 (Vulnerability Monitoring and Scanning): enables regular vulnerability scanning to identify TLS 1.3 implementation flaws such as premature ApplicationData processing in vulnerable Botan versions.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability directly enables remote exploitation of a TLS server (public-facing application) by bypassing mandatory client certificate authentication during the TLS 1.3 handshake, allowing unauthorized access without credentials or interaction.
NVD Description
Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can be bypassed by a client which entirely omits Certificate, CertificateVerify, and the Finished message and instead sends application data records. This vulnerability is fixed in 3.11.1.
Deeper analysis
CVE-2026-34582 affects Botan, a C++ cryptography library, specifically its TLS 1.3 implementation in versions prior to 3.11.1. The vulnerability (CWE-841) enables the processing of ApplicationData records before the Finished message is received during the TLS handshake. This flaw allows a server that enforces client authentication via certificates to be bypassed. It is rated with a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
A remote attacker acting as a TLS client can exploit this by omitting the Certificate, CertificateVerify, and Finished messages entirely, instead sending ApplicationData records directly. No privileges or user interaction are required, enabling low-complexity network-based attacks against vulnerable Botan-based servers. Successful exploitation bypasses mandatory client certificate authentication, potentially granting unauthorized access to protected resources and compromising confidentiality and integrity.
The Botan security advisory at https://github.com/randombit/botan/security/advisories/GHSA-pxcj-9ppx-g86g details the issue and confirms the fix in version 3.11.1, recommending immediate upgrades for all users of affected versions implementing TLS 1.3 servers with client certificate requirements.
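To make the handshake-ordering check concrete, the following is an added model (not Botan's code) of the server-side TLS 1.3 state relevant to this CVE: the vulnerable policy accepts ApplicationData as soon as the server has sent its own flight, while the hardened policy waits for the client's Finished and, when client certificates are required, for Certificate and CertificateVerify as well. The record names, state fields and policy functions are assumptions of this model, not Botan's API.

```cpp
#include <initializer_list>
#include <string>

// Added model of the server-side TLS 1.3 handshake state relevant to CVE-2026-34582.
// Not Botan's code: record names and policy functions are illustrative only.
enum class Rec { ClientHello, Certificate, CertificateVerify, Finished, ApplicationData };
struct ServerState {
    bool require_client_cert = true;   // server policy: mutual TLS
    bool hello_seen = false;           // ClientHello processed, server flight sent
    bool cert_seen = false, cert_verify_seen = false, finished_seen = false;
};
// Vulnerable policy (behaviour described for Botan < 3.11.1): ApplicationData is
// accepted once the server has sent its flight, before the client's Finished arrives.
bool accept_app_data_vulnerable(const ServerState& s) { return s.hello_seen; }
// Hardened policy: ApplicationData only after the client's Finished and, when client auth is
// required, after Certificate and CertificateVerify too. (A real stack also verifies the Finished MAC.)
bool accept_app_data_fixed(const ServerState& s) {
    if (!s.finished_seen) return false;
    return !s.require_client_cert || (s.cert_seen && s.cert_verify_seen);
}
// Feed one record: "handshake" for handshake messages, "accepted"/"rejected" for
// ApplicationData under the selected policy.
std::string process_record(ServerState& s, Rec t, bool vulnerable) {
    switch (t) {
        case Rec::ClientHello:       s.hello_seen = true;       return "handshake";
        case Rec::Certificate:       s.cert_seen = true;        return "handshake";
        case Rec::CertificateVerify: s.cert_verify_seen = true; return "handshake";
        case Rec::Finished:          s.finished_seen = true;    return "handshake";
        case Rec::ApplicationData:
            return (vulnerable ? accept_app_data_vulnerable(s) : accept_app_data_fixed(s)) ? "accepted" : "rejected";
    }
    return "rejected";
}

// Run a client record sequence against a fresh server; report the fate of the last record.
std::string run_client_flow(std::initializer_list<Rec> flow, bool vulnerable) {
    ServerState s;
    std::string last = "rejected";
    for (Rec t : flow) last = process_record(s, t, vulnerable);
    return last;
}
// Advisory flow: ClientHello, then ApplicationData with all client auth messages omitted.
std::string simulate_omitted_auth(bool vulnerable) {
    return run_client_flow({Rec::ClientHello, Rec::ApplicationData}, vulnerable);
}
// Complete flow: every client authentication message precedes ApplicationData.
std::string simulate_full_handshake(bool vulnerable) {
    return run_client_flow({Rec::ClientHello, Rec::Certificate, Rec::CertificateVerify,
                            Rec::Finished, Rec::ApplicationData}, vulnerable);
}
```

The model only tracks message ordering; in a real implementation the Finished MAC over the transcript is what proves the client actually possesses the handshake keys.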
Details
- CWE(s)