CVE-2026-33810

ADVISORY - golang

Summary

When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint.

This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

Common Weakness Enumeration (CWE)

Impacted images

Advisories

GoLang

CREATED

5 hours ago

UPDATED

5 hours ago

ADVISORY IDGO-2026-4866⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
stdlib	golang	-	-	>=1.26.0-0,<1.26.2	1.26.2

Severity and metrics

No CVSS data available from this advisory.