CVE-2019-16910 · EPSS p75.3%

arm / mbed_crypto

Description

Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.)

Scoring

CVSS: 5.3
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS: 1.77% probability of exploitation · percentile 75.3% · 2026-06-18T12:00:27Z
Last modified: 2026-06-05

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE-2018-19608
CVE-2020-10932
CVE-2018-9989
CVE-2021-36647
CVE-2018-9988
CVE-2026-34871

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.