PT-2026-29125 · Botan · Botan

Harutokimura

·

Published

2026-03-30

·

Updated

2026-03-31

·

CVE-2026-32883

CVSS v3.1

5.9

Medium

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Botan versions 3.0.0 through 3.10.9

Description: Botan is a C++ cryptography library. During X509 path validation, versions prior to 3.11.0 did not verify the signature of Online Certificate Status Protocol (OCSP) responses, only checking for an appropriate status code. This could allow a man-in-the-middle (MitM) attacker to bypass certificate revocation checks.

Recommendations: Update to Botan version 3.11.0 or later.

Weakness Enumeration

Improper Verification of Cryptographic Signature

Related Identifiers

CVE-2026-32883
GHSA-9J2J-HQMC-HF5X

Affected Products

Botan