CVE-2026-34181: PKCS#12 PBMAC1 Weak HMAC Key Flaw
🟠 High | Source: Microsoft Security Response Center CVE-2026-34181 is a vulnerability in which PKCS#12 certificate files using the PBMAC1 MAC scheme are accepted even when configured with excessively short HMAC keys. Short HMAC keys weaken the integrity protection on PKCS#12 containers, potentially allowing an attacker to tamper with or forge certificate bundles without detection. This is particularly relevant to Azure services and applications that import or process PKCS#12 files for TLS certificates or authentication credentials. ...