High severity7.4NVD Advisory· Published May 7, 2026· Updated Jun 2, 2026
CVE-2026-42011
CVE-2026-42011
Description
A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- osv-coords6 versionspkg:rpm/almalinux/gnutlspkg:rpm/almalinux/gnutls-c%2B%2Bpkg:rpm/almalinux/gnutls-danepkg:rpm/almalinux/gnutls-develpkg:rpm/almalinux/gnutls-utilspkg:rpm/opensuse/gnutls&distro=openSUSE%20Tumbleweed
< 3.6.16-8.el8_10.6+ 5 more
- (no CPE)range: < 3.6.16-8.el8_10.6
- (no CPE)range: < 3.6.16-8.el8_10.6
- (no CPE)range: < 3.6.16-8.el8_10.6
- (no CPE)range: < 3.6.16-8.el8_10.6
- (no CPE)range: < 3.6.16-8.el8_10.6
- (no CPE)range: < 3.8.13-1.1
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.