CVE-2026-6899

CVE-2026-6899 affects the CycloneCrypto wrapper in the S2OPC library. The check for certificate revocation only reviews the first matching CRL and ignores other valid CRLs for the same CA, potentially allowing a revoked certificate to establish a connection between an OPC UA client and server. No...

S2OPC OPC UA Toolkit 安全漏洞

S2OPC OPC UA Toolkit is an open-source development toolkit for OPC UA communication, developed by Systerel. The S2OPC OPC UA Toolkit contains a security vulnerability. This vulnerability stems from the CycloneCrypto encryption wrapper, where certificate revocation checks only consider the first...

CLSA-2026-1778020314 openssl: Fix of CVE-2026-28388

CVE-2026-28388: fix NULL pointer dereference in checkdeltabase when delta CRL lacks CRL Number extension...

Astra Linux – Vulnerability in mbedtls

A issue was discovered in Arm Mbed TLS before version 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

Astra Linux – Vulnerability in mbedtls

A issue was discovered in Arm Mbed TLS before version 2.24.0. The function mbedtlsx509crlparseder has a buffer over-read of one byte...

JLSEC-2026-234 Vulnerable OpenSSL included in cryptography wheels

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

OESA-2026-2079 shim security update

Initial UEFI bootloader that handles chaining to a trusted full \ bootloader under secure boot environments. Security Fixes: Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is...

OESA-2026-2042 openssl security update

Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of...

Reachable panic in certificate revocation list parsing

A panic was reachable when parsing certificate revocation lists via BorrowedCertRevocationList::fromder or OwnedCertRevocationList::fromder. This was the result of mishandling a syntactically valid empty BIT STRING appearing in the onlySomeReasons element of a IssuingDistributionPoint CRL...

NULL Pointer Dereference When Processing a Delta CRL

...

CVE-2026-28388

Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application...

CVE-2026-28388 NULL Pointer Dereference When Processing a Delta CRL

Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application...

UBUNTU-CVE-2026-28388

Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application...

JLSEC-2026-57

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser...

webpki: CRLs not considered authoritative by Distribution Point due to faulty matching logic

If a certificate had more than one distributionPoint, then only the first distributionPoint would be considered against each CRL's IssuingDistributionPoint distributionPoint, and then the certificate's subsequent distributionPoints would be ignored. The impact was that correct provided CRLs would...

GHSA-9F94-5G5W-GF6R CRL Distribution Point Scope Check Logic Error in AWS-LC

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs wi...

CRL Distribution Point Scope Check Logic Error in AWS-LC

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs wi...

CVE-2026-4428

A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a revoked certificate to bypass certificate revocation checks. To remediate this issue, users should upgrade to AWS-LC 1.71.0 or...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the CRL number parsing process. An attacker can cause memory corruption or execute arbitrary code by providing a specially crafted CRL with a maliciously sized CRL number. This is only exploitable if CRL support ...

CVE-2026-4428

The CVE relates to AWS-LC CRL distribution point validation logic before 1.71.0. A logic error caused partitioned CRLs to be incorrectly rejected as out of scope, enabling a revoked certificate to bypass revocation checks. Affected software is AWS-LC prior to 1.71.0; the issue is fixed in AWS-LC ...