CVE-2026-42013

Gnutls: gnutls: certificate validation bypass due to oversized subject alternative name

CVSS 8.2 HIGHEPSS 0.4%CWE-1284

Vexday Risk Score

21Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 8.2EPSS 0.4%KEV nãoPoC —Patch referenciado

Ciclo de vida

26 mai 2026Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

Produtos afetados

Red Hat · Red Hat Discovery 2 Red Hat · Red Hat Enterprise Linux 10 Red Hat · Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat · Red Hat Enterprise Linux 6 Red Hat · Red Hat Enterprise Linux 7 Red Hat · Red Hat Enterprise Linux 8 Red Hat · Red Hat Enterprise Linux 9 Red Hat · Red Hat Hardened Images Red Hat · Red Hat OpenShift Container Platform 4 Red Hat · Red Hat Update Infrastructure 5

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://access.redhat.com/errata/RHSA-2026:20611 https://access.redhat.com/errata/RHSA-2026:20612 https://access.redhat.com/errata/RHSA-2026:20613 https://access.redhat.com/errata/RHSA-2026:26319 https://access.redhat.com/errata/RHSA-2026:26409 https://access.redhat.com/errata/RHSA-2026:29197 https://access.redhat.com/security/cve/CVE-2026-42013 https://bugzilla.redhat.com/show_bug.cgi?id=2467448