Tf-psa-crypto
This hub aggregates every CVE we track for Tf-psa-crypto, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
2
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM2CRITICAL2HIGH1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
5
0
0
2024-072026-06
Latest CVEs
The 5 most recently published vulnerabilities affecting Tf-psa-crypto.
- CVE-2026-34871An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG).6.7
- CVE-2026-34875An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys.9.8
- CVE-2026-34872An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie...9.1
- CVE-2026-25835Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG).7.7
- CVE-2025-66442In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also ...5.1
Product normalization is registry-driven with AI assist and human review. How it works