{"api_version":"1","generated_at":"2026-06-01T22:31:38+00:00","cve":"CVE-2026-42013","urls":{"html":"https://cve.report/CVE-2026-42013","api":"https://cve.report/api/cve/CVE-2026-42013.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-42013","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-42013"},"summary":{"title":"Gnutls: gnutls: certificate validation bypass due to oversized subject alternative name","description":"A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.","state":"PUBLISHED","assigner":"redhat","published_at":"2026-05-26 22:16:42","updated_at":"2026-06-01 21:16:44"},"problem_types":["CWE-1284","CWE-1284 Improper Validation of Specified Quantity in Input"],"metrics":[{"version":"3.1","source":"secalert@redhat.com","type":"Secondary","score":"8.2","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"8.2","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":8.2,"baseSeverity":"HIGH","confidentialityImpact":"LOW","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","version":"3.1"}}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467448","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2467448","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:20613","name":"https://access.redhat.com/errata/RHSA-2026:20613","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/security/cve/CVE-2026-42013","name":"https://access.redhat.com/security/cve/CVE-2026-42013","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:20611","name":"https://access.redhat.com/errata/RHSA-2026:20611","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-42013","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42013","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","version":"unaffected 0:3.8.10-4.el10_2 * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","version":"unaffected 0:3.6.16-8.el8_10.6 * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","version":"unaffected 0:3.6.16-8.el8_10.6 * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Hardened Images","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","version":"","platforms":[]}],"timeline":[{"source":"CNA","time":"2026-05-06T19:47:00.134Z","lang":"en","value":"Reported to Red Hat."},{"source":"CNA","time":"2026-04-29T00:00:00.000Z","lang":"en","value":"Made public."}],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"Red Hat would like to thank Haruto Kimura (Stella) and Joshua Rogers (AISLE Research Team) for reporting this issue.","lang":"en"}],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"42013","cve":"CVE-2026-42013","epss":"0.000330000","percentile":"0.101900000","score_date":"2026-05-31","updated_at":"2026-06-01 00:08:20"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-42013","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-05-28T14:13:44.668002Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-05-28T14:13:58.434Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"defaultStatus":"affected","packageName":"gnutls","product":"Red Hat Enterprise Linux 10","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:3.8.10-4.el10_2","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"defaultStatus":"affected","packageName":"gnutls","product":"Red Hat Enterprise Linux 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:3.6.16-8.el8_10.6","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"defaultStatus":"affected","packageName":"gnutls","product":"Red Hat Enterprise Linux 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:3.6.16-8.el8_10.6","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:6"],"defaultStatus":"unknown","packageName":"gnutls","product":"Red Hat Enterprise Linux 6","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:7"],"defaultStatus":"affected","packageName":"gnutls","product":"Red Hat Enterprise Linux 7","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:9"],"defaultStatus":"affected","packageName":"gnutls","product":"Red Hat Enterprise Linux 9","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:hummingbird:1"],"defaultStatus":"affected","packageName":"gnutls","product":"Red Hat Hardened Images","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:openshift:4"],"defaultStatus":"affected","packageName":"rhcos","product":"Red Hat OpenShift Container Platform 4","vendor":"Red Hat"}],"credits":[{"lang":"en","value":"Red Hat would like to thank Haruto Kimura (Stella) and Joshua Rogers (AISLE Research Team) for reporting this issue."}],"datePublic":"2026-04-29T00:00:00.000Z","descriptions":[{"lang":"en","value":"A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Moderate"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":8.2,"baseSeverity":"HIGH","confidentialityImpact":"LOW","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1284","description":"Improper Validation of Specified Quantity in Input","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-01T19:28:02.453Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"RHSA-2026:20611","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:20611"},{"name":"RHSA-2026:20613","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:20613"},{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2026-42013"},{"name":"RHBZ#2467448","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467448"}],"timeline":[{"lang":"en","time":"2026-05-06T19:47:00.134Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-04-29T00:00:00.000Z","value":"Made public."}],"title":"Gnutls: gnutls: certificate validation bypass due to oversized subject alternative name","x_generator":{"engine":"cvelib 1.8.0"},"x_redhatCweChain":"CWE-1284: Improper Validation of Specified Quantity in Input"}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2026-42013","datePublished":"2026-05-26T21:29:32.887Z","dateReserved":"2026-04-23T11:23:46.517Z","dateUpdated":"2026-06-01T19:28:02.453Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-26 22:16:42","lastModifiedDate":"2026-06-01 21:16:44","problem_types":["CWE-1284","CWE-1284 Improper Validation of Specified Quantity in Input"],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"42013","Ordinal":"1","Title":"Gnutls: gnutls: certificate validation bypass due to oversized s","CVE":"CVE-2026-42013","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"42013","Ordinal":"1","NoteData":"A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.","Type":"Description","Title":"Gnutls: gnutls: certificate validation bypass due to oversized s"}]}}}