CVE-2026-10592
CVE-2026-10592 concerns certificates with wildcard DNS SANs (e.g., *.example.com) bypassing CA name-constraint checks. A wildcard SAN that should be rejected by the issuing CA’s permitted/excluded DNS name constraints could be accepted, enabling potential mis-issuance. The provided documents refe...