229 matches found
PT-2026-40700
aria2c accepts a server certificate with incorrect Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
Linux Distros Unpatched Vulnerability : CVE-2026-1858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private...
SUSE CVE-2026-1858
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
CVE-2026-1858
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
DEBIAN-CVE-2026-1858
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
CVE-2026-1858
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
UBUNTU-CVE-2026-1858
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
CVE-2026-1858
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
CVE-2026-1858
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
EUVD-2026-26285
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
CVE-2026-1858 wget2 Improper Certificate Validation
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
CVE-2026-1858
CVE-2026-1858 involves wget2 accepting a server certificate with incorrect Key Usage (KU) or Extended Key Usage (EKU). The published description states that if an attacker compromises a certificate (and its private key) that was issued for a different purpose, that certificate may be reusable for...
CVE-2026-1858 wget2 Improper Certificate Validation
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
CVE-2026-1858
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
PT-2026-36003
Name of the Vulnerable Software and Affected Versions wget2 affected versions not specified Description An issue exists where the software accepts server certificates with incorrect Key Usage KU or Extended Key Usage EKU. This could allow an attacker who has compromised a certificate and its...
SUSE CVE-2026-31430
In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...
CVE-2026-31430
In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...
CVE-2026-31430
In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...
CVE-2026-31430
CVE-2026-31430 affects the Linux kernel: X.509 extensions parsing could read the first byte of an extension before checking length, causing out-of-bounds access. The vulnerability can be triggered by an unprivileged user submitting a crafted certificate via the keyrings(7) API. A PoC exists. The ...
CVE-2026-31430 X.509: Fix out-of-bounds access when parsing extensions
In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...