VYPR
Medium severity5.3NVD Advisory· Published May 6, 2026· Updated May 12, 2026

CVE-2026-6860

CVE-2026-6860

Description

A TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a server wildcard name, e.g. if the server is configured with a certificate accepting *.example.com, any XYZ.example.com where xyz is a valid name can be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
io.vertx:vertx-coreMaven
>= 4.3.4, <= 4.3.8
io.vertx:vertx-coreMaven
>= 4.4.0, <= 4.4.9
io.vertx:vertx-coreMaven
>= 4.5.0, < 4.5.274.5.27
io.vertx:vertx-coreMaven
>= 5.0.0, < 5.0.125.0.12

Affected products

48

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.