CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value (C3) failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read of up to 31 bytes, resulting in a crash or potentially other undefined behavior. This issue has been patched in version 3.11.0.

CVSS v3 8.2 HIGH

8.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 4.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/randombit/botan/security/advisories/GHSA-7jj6-4r42-w9h6	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*

History

13 Apr 2026, 13:57

Type	Values Removed	Values Added
CPE		cpe:2.3:a:botan_project:botan::::::::
First Time		Botan Project botan Botan Project
References	~~() https://github.com/randombit/botan/security/advisories/GHSA-7jj6-4r42-w9h6 -~~	() https://github.com/randombit/botan/security/advisories/GHSA-7jj6-4r42-w9h6 - Vendor Advisory

01 Apr 2026, 14:24

Type	Values Removed	Values Added
Summary		(es) Botan es una biblioteca de criptografía C++. Desde la versión 2.3.0 hasta antes de la versión 3.11.0, durante el descifrado SM2, el código que verificaba el valor del código de autenticación (C3) no verificó que el valor codificado tuviera la longitud esperada antes de la comparación. Un texto cifrado no válido puede causar una lectura excesiva de la pila (heap over-read) de hasta 31 bytes, lo que resulta en un fallo o potencialmente en otro comportamiento indefinido. Este problema ha sido parcheado en la versión 3.11.0.

30 Mar 2026, 21:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-30 21:17

Updated : 2026-04-13 13:57

NVD link : CVE-2026-32877

Mitre link : CVE-2026-32877

CVE.ORG link : CVE-2026-32877

JSON object : View

Products Affected

botan_project

botan

CWE

CWE-125

Out-of-bounds Read

{"id": "CVE-2026-32877", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 4.2, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 4.2, "exploitabilityScore": 3.9}]}, "published": "2026-03-30T21:17:09.767", "references": [{"url": "https://github.com/randombit/botan/security/advisories/GHSA-7jj6-4r42-w9h6", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value (C3) failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read of up to 31 bytes, resulting in a crash or potentially other undefined behavior. This issue has been patched in version 3.11.0."}, {"lang": "es", "value": "Botan es una biblioteca de criptograf\u00eda C++. Desde la versi\u00f3n 2.3.0 hasta antes de la versi\u00f3n 3.11.0, durante el descifrado SM2, el c\u00f3digo que verificaba el valor del c\u00f3digo de autenticaci\u00f3n (C3) no verific\u00f3 que el valor codificado tuviera la longitud esperada antes de la comparaci\u00f3n. Un texto cifrado no v\u00e1lido puede causar una lectura excesiva de la pila (heap over-read) de hasta 31 bytes, lo que resulta en un fallo o potencialmente en otro comportamiento indefinido. Este problema ha sido parcheado en la versi\u00f3n 3.11.0."}], "lastModified": "2026-04-13T13:57:30.477", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3275D95B-2891-4D86-B9D3-E642CFDDEED0", "versionEndExcluding": "3.11.0", "versionStartIncluding": "2.3.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}