Name Constraint Bypass in GnuTLS Allows Spoofing in Certificate Validation
CVE-2026-42011

7.4HIGH

Key Information:

Vendor

Red Hat
Status
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Vendor
CVE Published:
7 May 2026

What is CVE-2026-42011?

A critical flaw in the GnuTLS library allows attackers to bypass name constraints during certificate validation. The vulnerability stems from the incorrect handling of permitted name constraints when excluded name constraints are present from previous Certificate Authorities (CAs). By exploiting this weakness, an attacker could present invalid certificates, leading to risks such as spoofing and man-in-the-middle attacks on affected systems. It is crucial for affected users and organizations to update GnuTLS to secure their applications and maintain the integrity of their certificate validation processes.

Affected Version(s)

Red Hat Discovery 2 1782159791

Red Hat Discovery 2 1782166952

Red Hat Enterprise Linux 10 0:3.8.10-4.el10_2

References

https://access.redhat.com/errata/RHSA-2026:13274
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:20611
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:20612
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
7.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Red Hat would like to thank Haruto Kimura (Stella) for reporting this issue.
.