CVE-2026-34580 — HIGH (7.5)

Vulnerability Description

Botan is a C++ cryptography library. In 3.11.0, the function Certificate_Store::certificate_known had a misleading name; it would return true if any certificate in the store had a DN (and subject key identifier, if set) matching that of the argument. It did not check that the cert it found and the cert it was passed were actually the same certificate. In 3.11.0 an extension of path validation logic was made which assumed that certificate_known only returned true if the certificates were in fact identical. The impact is that if an end entity certificate is presented, and its DN (and subject key identifier, if set) match that of any trusted root, the end entity certificate is accepted immediately as if it itself were a trusted root. , This vulnerability is fixed in 3.11.1.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Botan Project	Botan	3.11.0

Related Weaknesses (CWE)

CWE-295

References

https://github.com/randombit/botan/security/advisories/GHSA-v782-6fq4-q827Vendor Advisory

FAQ

What is CVE-2026-34580?

CVE-2026-34580 is a vulnerability with a CVSS score of 7.5 (HIGH). Botan is a C++ cryptography library. In 3.11.0, the function Certificate_Store::certificate_known had a misleading name; it would return true if any certificate in the store had a DN (and subject key ...

How severe is CVE-2026-34580?

CVE-2026-34580 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-34580?

Check the references section above for vendor advisories and patch information. Affected products include: Botan Project Botan.