CVE-2026-4428

ADVISORY - nist

Summary

A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a revoked certificate to bypass certificate revocation checks.

To remediate this issue, users should upgrade to AWS-LC 1.71.0 or AWS-LC-FIPS-3.3.0.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-299⁠

Improper Check for Certificate Revocation

Impacted images

Advisories

NIST

CREATED

1 day ago

UPDATED

11 hours ago

ADVISORY IDCVE-2026-4428⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-299⁠

CVSS SCORE

9.1critical

RustSec

CREATED

2 days ago

UPDATED

7 hours ago

ADVISORY IDRUSTSEC-2026-0042⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.4high

RustSec

CREATED

2 days ago

UPDATED

7 hours ago

ADVISORY IDRUSTSEC-2026-0048⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.4high