What is the CVSS score of CVE-2026-34874?

CVE-2026-34874 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.1%.

Is there a patch available for CVE-2026-34874?

Yes, a patch is available for CVE-2026-34874. Update the affected software to the latest version immediately.

Suse CVE-2026-34874

EUVD-2026-18003 HIGH

NULL Pointer Dereference (CWE-476)

2026-04-01 mitre

GHSA-5jpv-5p2x-4fwv

Denial Of Service Null Pointer Dereference Suse

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Apr 01, 2026 - 19:00 euvd

EUVD-2026-18003

Analysis Generated

Apr 01, 2026 - 19:00 vuln.today

CVE Published

Apr 01, 2026 - 00:00 nvd

HIGH 7.5

DescriptionNVD

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0.

AnalysisAI

NULL pointer dereference in Mbed TLS distinguished name (X.509) parsing allows remote attackers to trigger a denial of service by writing to address 0, affecting Mbed TLS versions 3.6.5 and earlier, and 4.0.0. The vulnerability is reachable during X.509 certificate processing and does not require authentication. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory