CVE-2025-49600 | mbed TLS up to 3.6.3 mbedtls_lms_verify missing cryptographic step

Inserito da Angelo Barbosa | Lug 4, 2025 | CVE

A vulnerability was found in mbed TLS up to 3.6.3 and classified as problematic. This issue affects the function mbedtls_lms_verify. The manipulation leads to missing cryptographic step.

The identification of this vulnerability is CVE-2025-49600. It is possible to launch the attack on the physical device. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-49600 | mbed TLS up to 3.6.3 mbedtls_lms_verify missing cryptographic step

Post correlati

CVE-2023-5451 | Forcepoint Next Generation Firewall Security Management Center cross site scripting

CVE-2024-33880 | VirtoSoftware Virto Bulk File Download for SharePoint 2019 5.5.44 Download.ashx information disclosure

CVE-2024-25662 | Oxygen XML Web Author/Content Fusion cross site scripting (SYNC-2024-020601)

CVE-2024-41577 | productinfoquick 1.0 Ueditor unrestricted upload