4 matches found
CVE-2026-15165
CVE-2026-15165 affects Wireshark 4.6.0–4.6.6, where the TLS ECH decryptor may crash, causing a denial of service. The available connected documents specify the vulnerability and affected versions, but do not provide a root-cause analysis, exploit details, or remediation steps. No explicit exploit...
CVE-2026-27017
A flaw was found in uTLS. When using GREASE Encrypted ClientHello ECH, uTLS versions 1.6.0 through 1.8.0 may exhibit a fingerprint mismatch with Chrome. This occurs due to an inconsistent selection of cipher suites between the outer ClientHello and the ECH, potentially allowing a remote observer ...
CVE-2026-27017 uTLS has a Chrome Parrot Fingerprint Vulnerability due to GREASE ECH Cipher Suite Mismatch
uTLS is a fork of crypto/tls, created to customize ClientHello for fingerprinting resistance while still using it for the handshake. Versions 1.6.0 through 1.8.0 contain a fingerprint mismatch with Chrome when using GREASE ECH, related to cipher suite selection. When Chrome selects the preferred...
CVE-2026-27017
uTLS is a fork of crypto/tls, created to customize ClientHello for fingerprinting resistance while still using it for the handshake. Versions 1.6.0 through 1.8.0 contain a fingerprint mismatch with Chrome when using GREASE ECH, related to cipher suite selection. When Chrome selects the preferred...