CVE-2026-42013 · HIGH 8.2 · EPSS p31.7%

Description

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.

Scoring

CVSS 3.1: 8.2 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
EPSS: 0.40% probability of exploitation · percentile 31.7% · 2026-06-19T12:03:05Z
Published: 2026-05-26
Last modified: 2026-06-02

Underlying weaknesses · 1

CWE-1284

References

  1. https://access.redhat.com/errata/RHSA-2026:20611
  2. https://access.redhat.com/security/cve/CVE-2026-42013
  3. https://bugzilla.redhat.com/show_bug.cgi?id=2467448

Type | Target | Confidence | Tier
Weakness | Improper Validation of Specified Quantity in Input (cwe-1284) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2026-42012
  2. CVE-2026-42011
  3. CVE-2025-14831
  4. CVE-2026-3833
  5. CVE-2026-42010
  6. CVE-2026-3832

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.