CVE-2026-5419

ADVISORY - nist

Summary

A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive information about the padding bytes through observable timing differences. This vulnerability is a form of information disclosure.

EPSS Score⁠: 0.00039 (0.122)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-208⁠

Observable Timing Discrepancy

Impacted images

Advisories

NIST

CREATED

3 days ago

UPDATED

2 days ago

ADVISORY IDCVE-2026-5419⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-208⁠

CVSS SCORE

3.7low

Alpine

CREATED

1 month ago

UPDATED

24 days ago

ADVISORY IDCVE-2026-5419⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

1 month ago

UPDATED

3 days ago

ADVISORY IDCVE-2026-5419⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

1 month ago

UPDATED

16 hours ago

ADVISORY IDCVE-2026-5419⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Rocky

CREATED

2 days ago

UPDATED

2 days ago

ADVISORY IDRLSA-2026:20612⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh