CVE-2026-42013 HIGH

CVE-2026-42013: Gnutls: gnutls: certificate validation bypass due to oversized subject alternative name

Vendor Red Hat

Product Red Hat Enterprise Linux 6

Weakness CWE-295

Published May 26, 2026

Last update June 30, 2026

View on NVD All CVEs

CVSS base score

8.2/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality Low

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

What the vulnerability does

01Description

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.

Key dates

02Disclosure timeline

May 26, 2026 CVE published

June 30, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-42013 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/295.html

Related vulnerabilities

Identifiers

CVE CVE-2026-42013

CWE CWE-295

CVSS 8.2 / HIGH

Affected versions

Vendor Red Hat

Product Red Hat Enterprise Linux 6

Affected All versions

Vendor Red Hat

Product Red Hat Enterprise Linux 7

Affected All versions

Vendor Red Hat

Product Red Hat Hardened Images

Affected All versions

Vendor Red Hat

Product Red Hat OpenShift Container Platform 4

Affected All versions

CVE-2026-42013: Gnutls: gnutls: certificate validation bypass due to oversized subject alternative name

01Description

02Disclosure timeline

03References

04Related CVE