VDB
CVE-2025-59438
CVE-2025-59438
PUBLISHED
CVSS 5.300000190734863 MEDIUM
Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.
EPSS 0.04% · 13.7th percentile
Risk Scores
CVSS v3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.04%
13.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| arm | mbed_tls | 0 |
Timeline
- Oct 21, 2025 CVE Published
- Oct 21, 2025 Coalition ESS Score
- Oct 21, 2025 CVE Updated
- Oct 21, 2025 PoC Published
- Oct 22, 2025 EPSS Score
- Oct 23, 2025 Coalition ESS Score
- Oct 25, 2025 Coalition ESS Score
- Oct 28, 2025 EPSS Score
- Oct 30, 2025 Coalition ESS Score
- Nov 3, 2025 EPSS Score
- Nov 8, 2025 EPSS Score
- Nov 14, 2025 EPSS Score
References
- https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/ url
- https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-10-invalid-padding-error/ url
- https://nvd.nist.gov/vuln/detail/CVE-2025-59438 advisory
- https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-10-invalid-padding-error url
- https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories url