{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T05:10:12.266","vulnerabilities":[{"cve":{"id":"CVE-2025-27810","sourceIdentifier":"cve@mitre.org","published":"2025-03-25T06:15:41.180","lastModified":"2026-06-05T19:38:32.047","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays."},{"lang":"es","value":"Mbed TLS anterior a 2.28.10 y 3.x anterior a 3.6.3, en algunos casos de asignaciĆ³n de memoria fallida o errores de hardware, utiliza memoria de pila no inicializada para componer el mensaje TLS Finalizado, lo que puede provocar omisiones de autenticaciĆ³n como repeticiones."}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":2.5}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-908"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*","versionEndExcluding":"2.28.10","matchCriteriaId":"DD0A913D-2765-4EE6-8C44-59214EFCAD03"},{"vulnerable":true,"criteria":"cpe:2.3:a:trustedfirmware:mbed_tls:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.6.3","matchCriteriaId":"B8253337-97A1-4B7E-A0D4-31AFBA7A20F6"}]}]}],"references":[{"url":"https://github.com/Mbed-TLS/mbedtls/releases","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-2/","source":"cve@mitre.org","tags":["Vendor Advisory"]}]}}]}