EEF-CVE-2026-42789 Non-CA certificate accepted as intermediate issuer in public_key path validation
Summary Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP public\key pubkey\cert module allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery. In lib/public\key/src/pubkey\cert.erl, pubkey\cert:validate\extensions/7...