CVE-2026-6450

CVE-2026-6450CVE-2026-6450

Description

A CRL critical extension bypass exists in ParseCRL_Extensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled critical extension to be accepted. This only affects builds with CRL support enabled and where a crafted CRL had a trusted signature when parsed.

Scoring

Last modified2026-06-25
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.