Threat Advisories - NVD Disclosed April 1, 2026

CVE-2026-34873

Mbed TLS Client Impersonation Vulnerability in TLS 1.3 Session Resumption

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

Mbed TLS versions 3.5.0 through 4.0.0 have a vulnerability allowing client impersonation during TLS 1.3 session resumption. This could permit an attacker to impersonate a legitimate client, potentially impacting data confidentiality and integrity. Understanding if your environment uses affected Mbed TLS versions is cru

NVD published: April 1, 2026

CVE advisoryCRITICAL

CVE-2026-34875

Mbed TLS TF-PSA Crypto Public Key Export Buffer Overflow.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A buffer overflow vulnerability exists in Mbed TLS and TF-PSA-Crypto libraries during the export of FFDH public keys. If reachable, this could allow an attacker to overwrite memory. This is relevant for systems using these cryptographic libraries.

NVD published: April 1, 2026

CVE advisoryCRITICAL

CVE-2026-34072

Cronmaster Authentication Bypass Allows Unauthorized Access.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

An authentication bypass in CronMaster allows unauthorized access to protected areas and execution of privileged actions when session validation fails. This exposes organizations to business risk through potential data compromise and system disruption. Organizations using affected versions should update to 2.2.0.

NVD published: April 1, 2026

CVE advisoryKnown Exploit

CVE-2026-5281

Google Chrome could allow an external attacker to take control of the browser

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

An external attacker can exploit a flaw in Google Chrome’s graphics component by luring a user to a malicious website. This allows them to run unauthorized code, which could let them bypass security protections to access sensitive files or gain control of the host computer.

NVD published: April 1, 2026 • CISA KEV