ByteOS Network

NVD Vulnerability Details :

CVE-2026-34871

Analyzed

Source-cve@mitre.org

Published At-01 Apr, 2026 | 19:16

Updated At-05 Jun, 2026 | 19:40

An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG).

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	6.7	MEDIUM	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Type: Secondary

Version: 3.1

Base score: 6.7

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CPE Matches

Arm Limited

>>mbed_tls>>Versions before 3.6.6(exclusive)

cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*

trustedfirmware>>tf-psa-crypto>>Versions before 1.1.0(exclusive)

cpe:2.3:a:trustedfirmware:tf-psa-crypto:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-338	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-338

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://mbed-tls.readthedocs.io/en/latest/security-advisories/	cve@mitre.org	Vendor Advisory
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-dev-random/	cve@mitre.org	Vendor Advisory

Hyperlink: https://mbed-tls.readthedocs.io/en/latest/security-advisories/

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-dev-random/

Source: cve@mitre.org

Resource:

Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History