PT-2026-41578 — Julia Mbedtls Jll

PT-2026-41578 · Julia · Mbedtls Jll

Published

2026-05-07

Updated

2026-05-07

CVSS v3.1

5.1

Medium

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

JLSEC-2026-463

Affected Products

Mbedtls Jll

PT-2026-41578 · Julia · Mbedtls Jll

Related Identifiers

Affected Products

References · 5