CVE-2026-42013

ADVISORY - nist

Summary

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.

EPSS Score⁠: 0.00052 (0.164)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-1284⁠

Improper Validation of Specified Quantity in Input

Impacted images

Advisories

NIST

CREATED

9 days ago

UPDATED

2 days ago

ADVISORY IDCVE-2026-42013⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-1284⁠

CVSS SCORE

8.2high

Alpine

CREATED

1 month ago

UPDATED

24 days ago

ADVISORY IDCVE-2026-42013⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

1 month ago

UPDATED

9 days ago

ADVISORY IDCVE-2026-42013⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

1 month ago

UPDATED

7 days ago

ADVISORY IDCVE-2026-42013⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

10 days ago

UPDATED

8 days ago

ADVISORY IDALSA-2026:20611⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

7 days ago

UPDATED

7 days ago

ADVISORY IDRLSA-2026:20611⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

2 days ago

UPDATED

2 days ago

ADVISORY IDRLSA-2026:20612⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

9 days ago

UPDATED

9 days ago

ADVISORY IDELSA-2026-20611⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh