CVE-2026-25835

ADVISORY - nist

Summary

Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG).

EPSS Score⁠: 0.00016 (0.036)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-335⁠

Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)

Impacted images

Advisories

NIST

CREATED

2 months ago

UPDATED

1 month ago

ADVISORY IDCVE-2026-25835⁠

EXPLOITABILITY SCORE

2.5

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-335⁠

CVSS SCORE

7.7high

Alpine

CREATED

2 months ago

UPDATED

23 days ago

ADVISORY IDCVE-2026-25835⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

1 month ago

UPDATED

2 days ago

ADVISORY IDCVE-2026-25835⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

2 months ago

UPDATED

1 month ago

ADVISORY IDCVE-2026-25835⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium