CVE-2026-32281

ADVISORY - nist

Summary

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

EPSS Score⁠: 0.00022 (0.065)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-295⁠

Improper Certificate Validation

ADVISORY - redhat

CWE-1050⁠

Excessive Platform Resource Consumption within a Loop

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.