CVE-2026-5260
ADVISORY - nistSummary
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.
EPSS Score: 0.00232 (0.461)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Improper Validation of Specified Quantity in Input
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in