VYPR
Medium severity5.9NVD Advisory· Published Mar 30, 2026· Updated Apr 13, 2026

CVE-2026-32883

CVE-2026-32883

Description

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*range: >=3.0.0,<3.11.0
    • (no CPE)range: >=3.0.0, <3.11.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.