{"id":"ECHO-b6fa-1bcf-5451","upstream":["CVE-2026-34877"],"severity":[],"modified":"2026-05-28T11:30:04.151Z","affected":[{"package":{"ecosystem":"Echo","name":"mbedtls"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.6-0.1+e1"}]}]}],"references":[{"type":"WEB","url":"https://advisory.echohq.com/cve/CVE-2026-34877"}],"withdrawn":"2026-05-28T11:30:04.151Z","summary":"Serialized SSL context tampering is documented behavior; callers must protect serialized data.\nhttps://security-tracker.debian.org/tracker/CVE-2026-34877\n"}