High severity7.5NVD Advisory· Published Mar 6, 2026· Updated Apr 21, 2026
CVE-2026-27137
CVE-2026-27137
Description
When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
179- osv-coords178 versionspkg:apk/chainguard/amazon-k8s-cni-fipspkg:apk/chainguard/amazon-k8s-cni-init-fipspkg:apk/chainguard/amazon-k8s-cni-init-fips-compatpkg:apk/chainguard/aws-ebs-csi-driver-1.56pkg:apk/chainguard/aws-ebs-csi-driver-fips-1.56pkg:apk/chainguard/aws-load-balancer-controller-fipspkg:apk/chainguard/boringssl-fips-static-2023042800-toolspkg:apk/chainguard/boringssl-fips-static-20240407-toolspkg:apk/chainguard/cert-manager-acmesolver-fips-1.18pkg:apk/chainguard/cert-manager-acmesolver-fips-1.19pkg:apk/chainguard/cert-manager-cainjector-fips-1.18pkg:apk/chainguard/cert-manager-cainjector-fips-1.19pkg:apk/chainguard/cert-manager-controller-fips-1.18pkg:apk/chainguard/cert-manager-controller-fips-1.19pkg:apk/chainguard/cert-manager-fips-1.18pkg:apk/chainguard/cert-manager-fips-1.19pkg:apk/chainguard/cert-manager-startupapicheck-fips-1.18pkg:apk/chainguard/cert-manager-startupapicheck-fips-1.19pkg:apk/chainguard/cert-manager-webhook-fips-1.18pkg:apk/chainguard/cert-manager-webhook-fips-1.19pkg:apk/chainguard/chainguard-partners-demopkg:apk/chainguard/cluster-autoscaler-fips-1.35pkg:apk/chainguard/dkronpkg:apk/chainguard/dkron-executor-gcppubsubpkg:apk/chainguard/dkron-executor-grpcpkg:apk/chainguard/dkron-executor-kafkapkg:apk/chainguard/dkron-executor-natspkg:apk/chainguard/dkron-executor-rabbitmqpkg:apk/chainguard/dkron-processor-filespkg:apk/chainguard/dkron-processor-fluentpkg:apk/chainguard/dkron-processor-logpkg:apk/chainguard/dkron-processor-syslogpkg:apk/chainguard/flux-fips-2.8pkg:apk/chainguard/flux-helm-controllerpkg:apk/chainguard/flux-image-automation-controllerpkg:apk/chainguard/flux-image-reflector-controllerpkg:apk/chainguard/flux-notification-controllerpkg:apk/chainguard/flux-operatorpkg:apk/chainguard/flux-operator-fipspkg:apk/chainguard/flux-operator-mcppkg:apk/chainguard/flux-operator-mcp-fipspkg:apk/chainguard/flux-source-controllerpkg:apk/chainguard/flux-source-watcherpkg:apk/chainguard/gitlab-container-registry-fips-18.7pkg:apk/chainguard/gitlab-container-registry-fips-18.8pkg:apk/chainguard/gitlab-container-registry-fips-18.9pkg:apk/chainguard/gitlab-logger-fips-18.7pkg:apk/chainguard/gitlab-logger-fips-18.8pkg:apk/chainguard/gitlab-logger-fips-18.9pkg:apk/chainguard/gitlab-shell-fips-18.7pkg:apk/chainguard/gitlab-shell-fips-18.8pkg:apk/chainguard/gitlab-shell-fips-18.9pkg:apk/chainguard/go-1.26pkg:apk/chainguard/gotenbergpkg:apk/chainguard/grafana-fips-12.0pkg:apk/chainguard/grafana-operatorpkg:apk/chainguard/grafana-operator-fipspkg:apk/chainguard/grafana-rollout-operatorpkg:apk/chainguard/librechatpkg:apk/chainguard/localstackpkg:apk/chainguard/loki-fips-3.5pkg:apk/chainguard/loki-fips-3.5-logclipkg:apk/chainguard/loki-fips-3.5-loki-canarypkg:apk/chainguard/loki-fips-3.5-promtailpkg:apk/chainguard/metacontrollerpkg:apk/chainguard/novapkg:apk/chainguard/nova-fipspkg:apk/chainguard/omnictl-multiarchpkg:apk/chainguard/pgwatchpkg:apk/chainguard/plutopkg:apk/chainguard/podclipkg:apk/chainguard/podinfopkg:apk/chainguard/polarispkg:apk/chainguard/renovatepkg:apk/chainguard/stakater-reloaderpkg:apk/chainguard/steampipepkg:apk/chainguard/temporal-fipspkg:apk/chainguard/terragruntpkg:apk/chainguard/victorialogspkg:apk/chainguard/victorialogs-fipspkg:apk/chainguard/victoriametricspkg:apk/chainguard/victoriametrics-fipspkg:apk/chainguard/victoriametrics-vmagentpkg:apk/chainguard/victoriametrics-vmagent-clusterpkg:apk/chainguard/victoriametrics-vmagent-cluster-fipspkg:apk/chainguard/victoriametrics-vmagent-fipspkg:apk/chainguard/victoriametrics-vmalertpkg:apk/chainguard/victoriametrics-vmalert-clusterpkg:apk/chainguard/victoriametrics-vmalert-cluster-fipspkg:apk/chainguard/victoriametrics-vmalert-fipspkg:apk/chainguard/victoriametrics-vmauthpkg:apk/chainguard/victoriametrics-vmauth-fipspkg:apk/chainguard/victoriametrics-vminsert-clusterpkg:apk/chainguard/victoriametrics-vminsert-cluster-fipspkg:apk/chainguard/victoriametrics-vmselect-clusterpkg:apk/chainguard/victoriametrics-vmselect-cluster-fipspkg:apk/chainguard/victoriametrics-vmstorage-clusterpkg:apk/chainguard/victoriametrics-vmstorage-cluster-fipspkg:apk/wolfi/dkronpkg:apk/wolfi/dkron-executor-gcppubsubpkg:apk/wolfi/dkron-executor-grpcpkg:apk/wolfi/dkron-executor-kafkapkg:apk/wolfi/dkron-executor-natspkg:apk/wolfi/dkron-executor-rabbitmqpkg:apk/wolfi/dkron-processor-filespkg:apk/wolfi/dkron-processor-fluentpkg:apk/wolfi/dkron-processor-logpkg:apk/wolfi/dkron-processor-syslogpkg:apk/wolfi/flux-helm-controllerpkg:apk/wolfi/flux-image-automation-controllerpkg:apk/wolfi/flux-image-reflector-controllerpkg:apk/wolfi/flux-notification-controllerpkg:apk/wolfi/flux-operatorpkg:apk/wolfi/flux-operator-mcppkg:apk/wolfi/flux-source-controllerpkg:apk/wolfi/go-1.26pkg:apk/wolfi/grafana-operatorpkg:apk/wolfi/grafana-rollout-operatorpkg:apk/wolfi/metacontrollerpkg:apk/wolfi/novapkg:apk/wolfi/plutopkg:apk/wolfi/podclipkg:apk/wolfi/podinfopkg:apk/wolfi/polarispkg:apk/wolfi/renovatepkg:apk/wolfi/stakater-reloaderpkg:apk/wolfi/steampipepkg:apk/wolfi/terragruntpkg:apk/wolfi/victoriametricspkg:apk/wolfi/victoriametrics-vmagentpkg:apk/wolfi/victoriametrics-vmagent-clusterpkg:apk/wolfi/victoriametrics-vmalertpkg:apk/wolfi/victoriametrics-vmalert-clusterpkg:apk/wolfi/victoriametrics-vmauthpkg:apk/wolfi/victoriametrics-vminsert-clusterpkg:apk/wolfi/victoriametrics-vmselect-clusterpkg:apk/wolfi/victoriametrics-vmstorage-clusterpkg:bitnami/golangpkg:rpm/almalinux/delvepkg:rpm/almalinux/golangpkg:rpm/almalinux/golang-binpkg:rpm/almalinux/golang-docspkg:rpm/almalinux/golang-miscpkg:rpm/almalinux/golang-racepkg:rpm/almalinux/golang-srcpkg:rpm/almalinux/golang-testspkg:rpm/almalinux/go-toolsetpkg:rpm/opensuse/go1.26&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/go1.26&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/go1.26&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/go1.26-openssl&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/go1.26-openssl&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kubelogin&distro=openSUSE%20Tumbleweedpkg:rpm/suse/go1.26&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/go1.26&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/go1.26&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/go1.26&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/go1.26&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/go1.26&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/go1.26&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/go1.26&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/go1.26&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/go1.26&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/go1.26&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/go1.26-openssl&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/go1.26-openssl&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/go1.26-openssl&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/go1.26-openssl&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/go1.26-openssl&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/go1.26-openssl&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/go1.26-openssl&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/go1.26-openssl&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/go1.26-openssl&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/go1.26-openssl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/go1.26-openssl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/go1.26-openssl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/go1.26-openssl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
< 1.21.1-r6+ 177 more
- (no CPE)range: < 1.21.1-r6
- (no CPE)range: < 1.21.1-r6
- (no CPE)range: < 1.21.1-r6
- (no CPE)range: < 1.56.0-r3
- (no CPE)range: < 1.56.0-r3
- (no CPE)range: < 3.1.0-r1
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.18.6-r1
- (no CPE)range: < 1.19.4-r1
- (no CPE)range: < 1.18.6-r1
- (no CPE)range: < 1.19.4-r1
- (no CPE)range: < 1.18.6-r1
- (no CPE)range: < 1.19.4-r1
- (no CPE)range: < 1.18.6-r1
- (no CPE)range: < 1.19.4-r1
- (no CPE)range: < 1.18.6-r1
- (no CPE)range: < 1.19.4-r1
- (no CPE)range: < 1.18.6-r1
- (no CPE)range: < 1.19.4-r1
- (no CPE)range: < 0
- (no CPE)range: < 1.35.0-r0
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 2.8.1-r4
- (no CPE)range: < 1.5.3-r1
- (no CPE)range: < 1.1.1-r3
- (no CPE)range: < 1.1.1-r1
- (no CPE)range: < 1.8.2-r1
- (no CPE)range: < 0.45.0-r1
- (no CPE)range: < 0.43.0-r1
- (no CPE)range: < 0.45.0-r1
- (no CPE)range: < 0.43.0-r1
- (no CPE)range: < 1.8.1-r1
- (no CPE)range: < 2.1.1-r1
- (no CPE)range: < 18.7.5-r1
- (no CPE)range: < 18.8.5-r1
- (no CPE)range: < 18.9.1-r1
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 18.7.5-r1
- (no CPE)range: < 18.8.5-r1
- (no CPE)range: < 18.9.1-r1
- (no CPE)range: < 1.26.1-r0
- (no CPE)range: < 8.27.0-r2
- (no CPE)range: < 12.0.10-r2
- (no CPE)range: < 5.22.1-r0
- (no CPE)range: < 5.22.1-r0
- (no CPE)range: < 0.35.0-r2
- (no CPE)range: < 0.8.3-r0
- (no CPE)range: < 4.14.0-r7
- (no CPE)range: < 3.5.12-r0
- (no CPE)range: < 3.5.12-r0
- (no CPE)range: < 3.5.12-r0
- (no CPE)range: < 3.5.12-r0
- (no CPE)range: < 4.13.1-r1
- (no CPE)range: < 3.11.13-r1
- (no CPE)range: < 3.11.11-r3
- (no CPE)range: < 1.6.0-r0
- (no CPE)range: < 5.1.0-r1
- (no CPE)range: < 5.23.5-r1
- (no CPE)range: < 6.11.1-r1
- (no CPE)range: < 6.11.1-r1
- (no CPE)range: < 10.1.6-r1
- (no CPE)range: < 0
- (no CPE)range: < 1.4.14-r1
- (no CPE)range: < 2.4.0-r2
- (no CPE)range: < 1.6.1-r1
- (no CPE)range: < 1.0.0-r1
- (no CPE)range: < 1.48.0-r0
- (no CPE)range: < 1.47.0-r2
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.137.0-r1
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.137.0-r1
- (no CPE)range: < 1.137.0-r1
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.137.0-r1
- (no CPE)range: < 1.137.0-r1
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.137.0-r1
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.137.0-r1
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.137.0-r1
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.137.0-r1
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 4.1.0-r2
- (no CPE)range: < 1.5.3-r1
- (no CPE)range: < 1.1.1-r3
- (no CPE)range: < 1.1.1-r1
- (no CPE)range: < 1.8.2-r1
- (no CPE)range: < 0.45.0-r1
- (no CPE)range: < 0.45.0-r1
- (no CPE)range: < 1.8.1-r1
- (no CPE)range: < 1.26.1-r0
- (no CPE)range: < 5.22.1-r0
- (no CPE)range: < 0.35.0-r2
- (no CPE)range: < 4.13.1-r1
- (no CPE)range: < 3.11.13-r1
- (no CPE)range: < 5.23.5-r1
- (no CPE)range: < 6.11.1-r1
- (no CPE)range: < 6.11.1-r1
- (no CPE)range: < 10.1.6-r1
- (no CPE)range: < 0
- (no CPE)range: < 1.4.14-r1
- (no CPE)range: < 2.4.0-r2
- (no CPE)range: < 1.0.0-r1
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: < 1.138.0-r0
- (no CPE)range: >= 1.26.0-0, < 1.26.1
- (no CPE)range: < 1.25.2-3.el10_1
- (no CPE)range: < 1.26.2-2.el10_2.alma.1
- (no CPE)range: < 1.26.2-2.el10_2.alma.1
- (no CPE)range: < 1.26.2-2.el10_2.alma.1
- (no CPE)range: < 1.26.2-2.el10_2.alma.1
- (no CPE)range: < 1.26.2-2.el10_2.alma.1
- (no CPE)range: < 1.26.2-2.el10_2.alma.1
- (no CPE)range: < 1.26.2-2.el10_2.alma.1
- (no CPE)range: < 1.26.2-2.el10_2.alma.1
- (no CPE)range: < 1.26.1-150000.1.6.1
- (no CPE)range: < 1.26.1-160000.1.1
- (no CPE)range: < 1.26.1-1.1
- (no CPE)range: < 1.26.1-150600.13.3.1
- (no CPE)range: < 1.26.1-160000.1.1
- (no CPE)range: < 0.0.20260317T205859-150000.1.152.1
- (no CPE)range: < 0.2.18-1.1
- (no CPE)range: < 1.26.1-150000.1.6.1
- (no CPE)range: < 1.26.1-150000.1.6.1
- (no CPE)range: < 1.26.1-150000.1.6.1
- (no CPE)range: < 1.26.1-150000.1.6.1
- (no CPE)range: < 1.26.1-150000.1.6.1
- (no CPE)range: < 1.26.1-150000.1.6.1
- (no CPE)range: < 1.26.1-150000.1.6.1
- (no CPE)range: < 1.26.1-150000.1.6.1
- (no CPE)range: < 1.26.1-150000.1.6.1
- (no CPE)range: < 1.26.1-150000.1.6.1
- (no CPE)range: < 1.26.1-150000.1.6.1
- (no CPE)range: < 1.26.1-150000.1.3.1
- (no CPE)range: < 1.26.1-150000.1.3.1
- (no CPE)range: < 1.26.1-150000.1.3.1
- (no CPE)range: < 1.26.1-150000.1.3.1
- (no CPE)range: < 1.26.1-150600.13.3.1
- (no CPE)range: < 1.26.1-150000.1.3.1
- (no CPE)range: < 1.26.1-150000.1.3.1
- (no CPE)range: < 1.26.1-150600.13.3.1
- (no CPE)range: < 1.26.1-160000.1.1
- (no CPE)range: < 1.26.1-150000.1.3.1
- (no CPE)range: < 1.26.1-150000.1.3.1
- (no CPE)range: < 1.26.1-150600.13.3.1
- (no CPE)range: < 1.26.1-160000.1.1
Patches
Vulnerability mechanics
References
4- pkg.go.dev/vuln/GO-2026-4599nvdVendor Advisory
- go.dev/cl/752182nvdMailing List
- go.dev/issue/77952nvdIssue Tracking
- groups.google.com/g/golang-announce/c/EdhZqrQ98hknvdRelease Notes
News mentions
0No linked articles in our index yet.