Known Vulnerabilities for products from Arm
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Arm".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Arm can be found at device.report : Arm
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34877 json | An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized S... | Not Provided | 2026-04-02 | 2026-04-06 |
| CVE-2026-34876 json | An issue was discovered in Mbed TLS 3.x before 3.6.6. An out-of-bounds read vulnerability in mbedtls_ccm_finish() in library/... | Not Provided | 2026-04-02 | 2026-04-07 |
| CVE-2026-34875 json | An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export f... | Not Provided | 2026-04-01 | 2026-04-06 |
| CVE-2026-34874 json | An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished... | Not Provided | 2026-04-01 | 2026-04-03 |
| CVE-2026-34873 json | An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session. | Not Provided | 2026-04-01 | 2026-04-07 |
| CVE-2026-34872 json | An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory beha... | Not Provided | 2026-04-01 | 2026-04-03 |
| CVE-2026-34871 json | An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable ... | Not Provided | 2026-04-01 | 2026-04-06 |
| CVE-2026-25835 json | Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG). | Not Provided | 2026-04-01 | 2026-04-06 |
| CVE-2026-25834 json | Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade. | Not Provided | 2026-04-01 | 2026-04-06 |
| CVE-2026-25833 json | Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509_inet_pton_ipv6() function | Not Provided | 2026-04-01 | 2026-04-06 |
| CVE-2026-0995 json | An issue has been identified in Arm C1-Pro before r1p2-50eac0, where, under certain conditions, a TLBI+DSB might fail to ensu... | Not Provided | 2026-03-02 | 2026-04-20 |
| CVE-2025-66442 json | In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs w... | Not Provided | 2026-04-01 | 2026-04-03 |
| CVE-2024-23744 json | 7.5 - HIGH | 2024-01-21 | 2024-01-29 | |
| CVE-2023-52353 json | 7.5 - HIGH | 2024-01-21 | 2024-01-29 | |
| CVE-2023-45199 json | Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution. | 9.8 - CRITICAL | 2023-10-07 | 2023-10-12 |
| CVE-2023-43615 json | Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow. | 7.5 - HIGH | 2023-10-07 | 2023-11-09 |
| CVE-2023-40271 json | In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Dr... | 7.5 - HIGH | 2023-09-08 | 2023-09-13 |
| CVE-2023-34970 json | A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds o... | 4.7 - MEDIUM | 2023-10-03 | 2023-10-05 |
| CVE-2023-33200 json | A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system�... | 4.7 - MEDIUM | 2023-10-03 | 2023-10-05 |
| CVE-2023-32804 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2023-12-04 | 2023-12-07 |
Known software with vulnerabilities from Arm
| Type | Vendor | Product | Version |
|---|---|---|---|
| Operating System | Arm | Arm-trusted-firmware | 0.2 |
| Hardware | Arm | Arm7 | - |
| Hardware | Arm | Armv8-m | - |
| Operating System | Arm | Armv8-m Firmware | - |
| Application | Arm | Arm Compiler | 5.00 |
| Operating System | Arm | Arm Trusted Firmware | 2.2 |
| Hardware | Arm | Cortex-a | 15 |
| Hardware | Arm | Cortex-a32 | - |
| Operating System | Arm | Cortex-a32 Firmware | - |
| Hardware | Arm | Cortex-a34 | - |
| Operating System | Arm | Cortex-a34 Firmware | - |
| Hardware | Arm | Cortex-a35 | - |
| Operating System | Arm | Cortex-a35 Firmware | - |
| Hardware | Arm | Cortex-a53 | - |
| Operating System | Arm | Cortex-a53 Firmware | - |
| Operating System | Arm | Cortex-a57 Firmware | - |
| Operating System | Arm | Cortex-a72 Firmware | - |
| Operating System | Arm | Cortex-a73 Firmware | - |
| Operating System | Arm | Mbed | 5.0.0 |
| Application | Arm | Mbed-coap | 5.1.5 |