CVE-2026-32877
Botan: Heap Buffer Over-read in SM2 Decryption via Undersized C3 Hash Field
CVSS Score
8.2
EPSS Score
0.0%
EPSS Percentile
14th
Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value (C3) failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read of up to 31 bytes, resulting in a crash or potentially other undefined behavior. This issue has been patched in version 3.11.0.
| CWE | CWE-125 |
| Vendor | randombit |
| Product | botan |
| Published | Mar 30, 2026 |
| Last Updated | Mar 31, 2026 |
Stay Ahead of the Next One
Get instant alerts for randombit botan
Be the first to know when new high vulnerabilities affecting randombit botan are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
High
Affected Versions
randombit / botan
>= 2.3.0, < 3.11.0