Description
Botan is a C++ cryptography library. In 3.11.0, the function Certificate_Store::certificate_known had a misleading name; it would return true if any certificate in the store had a DN (and subject key identifier, if set) matching that of the argument. It did not check that the cert it found and the cert it was passed were actually the same certificate. In 3.11.0 an extension of path validation logic was made which assumed that certificate_known only returned true if the certificates were in fact identical. The impact is that if an end entity certificate is presented, and its DN (and subject key identifier, if set) match that of any trusted root, the end entity certificate is accepted immediately as if it itself were a trusted root. , This vulnerability is fixed in 3.11.1.
Published: 2026-04-07
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Trust Anchor Bypass
Action: Immediate Patch
AI Analysis

Impact

Botan’s Certificate_Store::certificate_known function returns true when a certificate’s distinguished name (DN) and optional subject key identifier match any certificate already in the trusted store, but it does not verify that the matched certificate is the exact same instance. When the path‑validation logic was extended in version 3.11.0, it incorrectly assumed that certificate_known only confirmed identity. As a result, an end‑entity certificate with the same DN (and subject key identifier, if any) as a trusted root is accepted immediately as a trusted root. This bypassing of trust chain validation permits an attacker to present a forged or malicious certificate to an application that uses Botan 3.11.0, effectively granting the attacker the same privileges as a root certificate authority. The weakness is classified as CWE‑295, Authentication Bypass via Certificate Trust.

Affected Systems

Systems that incorporate the randombit Botan cryptographic library, specifically version 3.11.0. Applications built against Botan 3.11.0 for TLS, SSL, or other cryptographic operations are vulnerable. The issue has been fixed in Botan 3.11.1, so any deployment using an older 3.11.0 build is at risk.

Risk and Exploitability

The vulnerability carries a CVSS score of 9.3, indicating critical severity. Although EPSS data is not provided, the lack of a KEV listing suggests no widespread exploitation yet. An attacker would need to supply a certificate that shares the distinguished name, and optionally the subject key identifier, of an existing trusted root. When such a certificate is presented to a Botan 3.11.0 application—for example, during a TLS handshake or client‑certificate authentication—the library mistakenly accepts it as a self‑trusted root. The resulting compromise allows the attacker to present forged certificates, intercept or alter secure communications, and potentially elevate privileges. The library’s internal assumption called out by CWEs: Authentication Bypass via Trust Anchor.

Generated by OpenCVE AI on April 7, 2026 at 23:14 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Botan to version 3.11.1 or newer.
  • Rebuild all applications that link to Botan.
  • Verify that the new library is in use before restarting services.

Generated by OpenCVE AI on April 7, 2026 at 23:14 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 17 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Botan Project
Botan Project botan
CPEs cpe:2.3:a:botan_project:botan:3.11.0:*:*:*:*:*:*:*
Vendors & Products Botan Project
Botan Project botan
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}

 cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}

Wed, 08 Apr 2026 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Randombit
Randombit botan
Vendors & Products Randombit
Randombit botan

Wed, 08 Apr 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 08 Apr 2026 12:30:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}

threat_severity

Important

Tue, 07 Apr 2026 21:30:00 +0000

Type Values Removed Values Added
Description Botan is a C++ cryptography library. In 3.11.0, the function Certificate_Store::certificate_known had a misleading name; it would return true if any certificate in the store had a DN (and subject key identifier, if set) matching that of the argument. It did not check that the cert it found and the cert it was passed were actually the same certificate. In 3.11.0 an extension of path validation logic was made which assumed that certificate_known only returned true if the certificates were in fact identical. The impact is that if an end entity certificate is presented, and its DN (and subject key identifier, if set) match that of any trusted root, the end entity certificate is accepted immediately as if it itself were a trusted root. , This vulnerability is fixed in 3.11.1.
Title Botan has a certificate authentication bypass due to trust anchor confusion
Weaknesses CWE-295
References
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Botan Project Botan
Randombit Botan
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-09T03:56:10.769Z

Reserved: 2026-03-30T16:56:30.999Z

Link: CVE-2026-34580

cve-icon Vulnrichment

Updated: 2026-04-08T15:23:58.256Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-07T22:16:22.647

Modified: 2026-04-17T20:30:02.877

Link: CVE-2026-34580

cve-icon Redhat

Severity : Important

Publid Date: 2026-04-07T21:12:09Z

Links: CVE-2026-34580 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T19:45:37Z

Weaknesses