CVE-2026-3833
6.5 MEDIUM
A flaw was found in gnutls
Published: 2026-04-30 · Last updated: 2026-06-02
Severity and scoring
- CVSS
- 6.5 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- CWE
- CWE-178
Affected products
| Vendor | Product |
|---|---|
| gnu | enterprise_linux, gnutls, hardened_images |
| redhat | enterprise_linux, gnutls, hardened_images |
Description
A flaw was found in gnutls. gnutls compared `nameConstraints` labels case-sensitively, specifically for `dNSName` (DNS) and `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. DNS names, and the domain part of email addresses, are case-insensitive, so a constraint on `example.com` has to cover `EXAMPLE.COM` as well. A remote attacker can exploit this by crafting a leaf certificate whose Subject Alternative Name (SAN) differs from a constrained name only in letter case, leading to a policy bypass: a certificate that the constraint should have caused to be rejected is instead accepted. This could result in unauthorized access or information disclosure.
Source: NVD
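The following is an added illustration of the comparison described above; it is not gnutls code and does not mirror gnutls's internal functions. It implements the RFC 5280 subtree tests for `dNSName` and `rfc822Name` twice, once comparing labels byte-for-byte (the flawed behaviour) and once case-folding DNS labels and email domain parts, and runs both over a constructed constrained-CA policy and a constructed leaf SAN list. All names, constraint values and function names are invented for the example. Note that the bypass goes through `excludedSubtrees`: a case mismatch against a `permittedSubtrees` entry can only make the checker reject a name it should have accepted, which fails closed.

```python
"""Case-sensitive vs case-folding nameConstraints matching (added example)."""

# GeneralName types handled here; IP, URI and directoryName are out of scope.
DNS = "dNSName"
EMAIL = "rfc822Name"


def dns_matches(name: str, constraint: str, fold_case: bool) -> bool:
    """RFC 5280 4.2.1.10 dNSName subtree test: `name` satisfies `constraint`
    when it equals it or adds whole labels on the left, so
    www.host.example.com matches host.example.com but host1.example.com does not.
    DNS names are case-insensitive (RFC 4343); fold_case=False reproduces the
    flawed byte-for-byte comparison."""
    if fold_case:
        name, constraint = name.lower(), constraint.lower()
    return name == constraint or name.endswith("." + constraint)


def email_matches(name: str, constraint: str, fold_case: bool) -> bool:
    """rfc822Name subtree test. A constraint is a mailbox (user@host), a host
    (host: every mailbox on that host) or a domain (.example.com: every mailbox
    on any host in that domain). Only the domain part is case-folded; the local
    part is left alone because RFC 5321 treats it as case-sensitive."""
    local, _, domain = name.rpartition("@")
    if fold_case:
        domain = domain.lower()
    if "@" in constraint:
        c_local, _, c_domain = constraint.rpartition("@")
        if fold_case:
            c_domain = c_domain.lower()
        return local == c_local and domain == c_domain
    c_domain = constraint.lower() if fold_case else constraint
    if c_domain.startswith("."):
        return domain.endswith(c_domain)
    return domain == c_domain


MATCHERS = {DNS: dns_matches, EMAIL: email_matches}


def check_name_constraints(sans, permitted, excluded, fold_case):
    """Apply a CA's nameConstraints to a leaf's SAN entries.

    sans, permitted and excluded are lists of (type, value). A name is rejected
    if it falls inside any excludedSubtree, or if permittedSubtrees lists that
    name type and the name falls inside none of them. Returns (accepted, reasons).
    """
    reasons = []
    for ntype, value in sans:
        match = MATCHERS.get(ntype)
        if match is None:
            continue  # name type not handled in this example
        if any(match(value, c, fold_case) for t, c in excluded if t == ntype):
            reasons.append(f"{ntype} {value!r} is in excludedSubtrees")
            continue
        permitted_same = [c for t, c in permitted if t == ntype]
        if permitted_same and not any(match(value, c, fold_case) for c in permitted_same):
            reasons.append(f"{ntype} {value!r} is outside permittedSubtrees")
    return (not reasons, reasons)


# Constructed policy (hypothetical): an intermediate CA limited to corp.example,
# with a lab subtree and one mail host excluded.
PERMITTED = [(DNS, "corp.example")]
EXCLUDED = [(DNS, "lab.corp.example"), (EMAIL, "mail.corp.example")]

# Constructed attacker leaf: the excluded names with one label's case changed.
ATTACKER_SANS = [(DNS, "www.LAB.corp.example"), (EMAIL, "alice@MAIL.corp.example")]

# Constructed legitimate leaf that both checkers should accept.
LEGIT_SANS = [(DNS, "intranet.corp.example")]


def demo():
    """Run the flawed and the corrected checker over both constructed leaves."""
    return {
        "attacker_case_sensitive": check_name_constraints(ATTACKER_SANS, PERMITTED, EXCLUDED, False),
        "attacker_case_folded": check_name_constraints(ATTACKER_SANS, PERMITTED, EXCLUDED, True),
        "legit_case_sensitive": check_name_constraints(LEGIT_SANS, PERMITTED, EXCLUDED, False),
        "legit_case_folded": check_name_constraints(LEGIT_SANS, PERMITTED, EXCLUDED, True),
    }


if __name__ == "__main__":
    for label, (accepted, reasons) in demo().items():
        print(label, "ACCEPT" if accepted else "REJECT", reasons)
```

With the case-sensitive matcher the attacker leaf slips past both exclusions (the `www.LAB.corp.example` name still satisfies the permitted `corp.example` subtree, so it is accepted outright); the case-folding matcher rejects it on both names, while the legitimate leaf is accepted either way. When auditing a deployment, the check to run is exactly this: take each excluded name from the constrained CA, change the case of one label, and confirm the verifier still rejects it.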
References
- [NVD] https://nvd.nist.gov/vuln/detail/CVE-2026-3833
- [Other] https://access.redhat.com/errata/RHSA-2026:13274
- [Other] https://access.redhat.com/errata/RHSA-2026:20611
- [Other] https://access.redhat.com/errata/RHSA-2026:20612
- [Other] https://access.redhat.com/errata/RHSA-2026:20613
- [Other] https://access.redhat.com/security/cve/CVE-2026-3833
- [Other] https://bugzilla.redhat.com/show_bug.cgi?id=2445763
- [Vendor advisory] https://gitlab.com/gnutls/gnutls/-/issues/1803
Related CVEs
Same vendor
- CVE-2026-1767 — A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component (5.6 MEDIUM)
- CVE-2026-1766 — A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 com... (5.6 MEDIUM)
- CVE-2026-11793 — A stack buffer overflow flaw was found in 389 Directory Server (4.9 MEDIUM)
- CVE-2026-11790 — A flaw was found in 389 Directory Server (4.9 MEDIUM)
- CVE-2026-11789 — A flaw was found in 389 Directory Server (4.9 MEDIUM)
Same CWE
- CVE-2026-53721 — Nuxt is an open-source web development framework for Vue.js (8.2 HIGH)
- CVE-2026-45062 — FrankenPHP is a modern application server for PHP (8.1 HIGH)
- CVE-2026-47346 — Backend users with file write permissions were able to upload form definition files with mixed-case extensions (e.g., .FORM.YAML) to bypa...
- CVE-2026-46392 — HAX CMS helps manage microsite universe with PHP or NodeJs backends (8.7 HIGH)
- CVE-2026-8404 — An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6 (3.1 LOW)