CVE-2026-42011EPSS p30.3%

CVE-2026-42011CVE-2026-42011

Description

A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.

Scoring

CVSS 7.4 ()
VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS0.39% probability of exploitation · percentile 30.3% · 2026-06-19T12:03:05Z
Last modified2026-06-02

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-42012
CVE
CVE-2026-42013
CVE
CVE-2026-3833
CVE
CVE-2026-42010
CVE
CVE-2026-3832
CVE
CVE-2025-14831
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.