Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2026/05/28 3:58 a.m.18 views

SUSE CVE-2026-42789

Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP publickey pubkeycert module allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery. In lib/publickey/src/pubkeycert.erl, pubkeycert:validateextensions/7 contains two...

7.4CVSS5.9AI score0.00322EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:16 p.m.13 views

CVE-2026-42789

Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP publickey pubkeycert module allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery. In lib/publickey/src/pubkeycert.erl, pubkeycert:validateextensions/7 contains two...

8CVSS0.00322EPSS
Exploits0References9
OSV
OSV
added 2026/05/27 12:23 p.m.8 views

EEF-CVE-2026-42789 Non-CA certificate accepted as intermediate issuer in public_key path validation

Summary Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP public\key pubkey\cert module allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery. In lib/public\key/src/pubkey\cert.erl, pubkey\cert:validate\extensions/7...

7CVSS7.2AI score0.00322EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 12:23 p.m.73 views

CVE-2026-42789

The CVE-2026-42789 entry documents a vulnerability in Erlang OTP public_key (pubkey_cert module): a certificate with basicConstraints cA:false and no keyUsage can be misused as an intermediate issuer during pkix_path_validation, enabling chain forgery. Two flaws in pubkey_cert:validate_extensions...

8CVSS5.9AI score0.00322EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder