Lucene search
K

253 matches found

RedhatCVE
RedhatCVE
added 4 days ago8 views

CVE-2026-42505

A flaw was found in the crypto/tls package in Go. Handshakes utilizing Encrypted Client Hello ECH could lead to de-anonymization by a passive network observer. This is due to the disclosure of pre-shared key identities within the unencrypted client hello, allowing an attacker to potentially link...

5.3CVSS5.8AI score0.00419EPSS
Exploits0References7
EUVD
EUVD
added 5 days ago4 views

EUVD-2026-42317

Handshakes which used Encrypted Client Hello could be de-anonymized by a passive network observer due to a disclosure of pre-shared key identities in the unencrypted client hello...

5.3CVSS5.9AI score0.00419EPSS
Exploits0References4
CVE
CVE
added 5 days ago23 views

CVE-2026-42505

CVE-2026-42505 describes a privacy leakage in handshakes using Encrypted Client Hello (ECH) , where a passive observer can de-anonymize connections due to disclosure of pre-shared key (PSK) identities in the unencrypted ClientHello. The vulnerability is documented across multiple sources (NVD, EU...

5.3CVSS5.9AI score0.00419EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/07/06 6:26 a.m.5 views

OESA-2026-2821 nodejs security update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

7.5CVSS6.6AI score0.03782EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/07/03 10:16 a.m.9 views

CVE-2026-55952

A flaw was found in Erlang/OTP's SSL Secure Sockets Layer application. An unauthenticated remote attacker can send a specially crafted ClientHello message to a TLS 1.3 server with session tickets enabled. This can permanently disrupt the server's ability to handle session tickets, leading to a...

8.2CVSS6AI score0.00487EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-55952

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal...

8.2CVSS6.1AI score0.00487EPSS
Exploits0References3
NVD
NVD
added 2026/07/02 5:17 p.m.7 views

CVE-2026-55952

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...

8.2CVSS0.00487EPSS
Exploits0References7
OSV
OSV
added 2026/07/02 5:17 p.m.10 views

UBUNTU-CVE-2026-55952

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...

8.2CVSS6.1AI score0.00487EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2026/07/02 4:6 p.m.11 views

CVE-2026-55952 TLS 1.3 server denial of service via malformed ClientHello pre-shared key extension

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...

8.2CVSS5.9AI score0.00487EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/02 4:6 p.m.38 views

CVE-2026-55952 TLS 1.3 server denial of service via malformed ClientHello pre-shared key extension

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...

8.2CVSS0.00487EPSS
Exploits0References7
OSV
OSV
added 2026/07/02 4:6 p.m.5 views

EEF-CVE-2026-55952 TLS 1.3 server denial of service via malformed ClientHello pre-shared key extension

Summary The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tls\handshake\1\3:handle\pre\shared\key/3, an OfferedPreSharedKeys...

8.2CVSS5.9AI score0.00487EPSS
Exploits0References6
CVE
CVE
added 2026/07/02 4:6 p.m.18 views

CVE-2026-55952

Summary: The Erlang/OTP ssl module is vulnerable to a TLS 1.3 denial of service due to a mismatch between PSK identity list and binder list lengths in the ClientHello extension. In tls_handshake_1_3:handle_pre_shared_key/3, an OfferedPreSharedKeys record with unequal identities/binders is passed ...

8.2CVSS5.9AI score0.00487EPSS
Exploits0References7Affected Software2
OSV
OSV
added 2026/07/02 4:6 p.m.4 views

CVE-2026-55952 TLS 1.3 server denial of service via malformed ClientHello pre-shared key extension

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...

8.2CVSS6.1AI score0.00487EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/29 3:13 p.m.11 views

gnutls: gnutls: Authentication Bypass via NUL Character in Username

A flaw was found in gnutls. Servers configured with RSA-PSK Rivest–Shamir–Adleman – Pre-Shared Key wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass...

9.8CVSS5.8AI score0.0105EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 10:17 a.m.7 views

gnutls: gnutls: Authentication Bypass via NUL Character in Username

A flaw was found in gnutls. Servers configured with RSA-PSK Rivest–Shamir–Adleman – Pre-Shared Key wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass...

9.8CVSS5.8AI score0.0105EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 2:54 a.m.4 views

gnutls: gnutls: Authentication Bypass via NUL Character in Username

A flaw was found in gnutls. Servers configured with RSA-PSK Rivest–Shamir–Adleman – Pre-Shared Key wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass...

9.8CVSS5.8AI score0.0105EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 2:40 a.m.8 views

gnutls: gnutls: Authentication Bypass via NUL Character in Username

A flaw was found in gnutls. Servers configured with RSA-PSK Rivest–Shamir–Adleman – Pre-Shared Key wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass...

9.8CVSS5.8AI score0.0105EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.10 views

Oracle Linux 9 : gnutls (ELSA-2026-20612)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-20612 advisory. - Fix CVE-2026-33846 DTLS fragment reassembly, High, heap overwrite - Fix CVE-2026-42009 DTLS fragment reassembly, High, undefined behaviour - Fix...

9.8CVSS5.9AI score0.01335EPSS
Exploits2References14
RedHat Linux
RedHat Linux
added 2026/06/25 6:37 p.m.7 views

gnutls: gnutls: Authentication Bypass via NUL Character in Username

A flaw was found in gnutls. Servers configured with RSA-PSK Rivest–Shamir–Adleman – Pre-Shared Key wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass...

9.8CVSS5.8AI score0.0105EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/16 4:53 p.m.7 views

gnutls: gnutls: Authentication Bypass via NUL Character in Username

A flaw was found in gnutls. Servers configured with RSA-PSK Rivest–Shamir–Adleman – Pre-Shared Key wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass...

9.8CVSS5.4AI score0.0105EPSS
Exploits0References5
Rows per page
Query Builder