Arm · Mbed Tls · CVE-2025-49087
**Name of the Vulnerable Software and Affected Versions**
Mbed TLS versions 3.6.1 through 3.6.3
**Description**
A timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS#7 padding mode is used.
**Recommendations**
Update to version 3.6.4 or later.