Question 1

What is CVE-2026-27137 — CVE-2026-27137?

Accepted Answer

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.

Question 2

What is the authoritative source for CVE-2026-27137?

Accepted Answer

CVE-2026-27137 (CVE-2026-27137) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	7.5 ()
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Last modified	2026-06-30

CVE-2026-27137CVE-2026-27137

Description

Scoring