CVE-2026-3832
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status P
CVSS
3.7
Bajo
EPSS
0.7%
p50
KEV
—
Exploit Today
15
0-100
Publicado: 30 abr 2026 · Última mod.: 13 jul 2026 · CWE-179
0.7%EPSS · 30 días0.7%
2026-06-302026-07-16
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:13274
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:20612
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:20613
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:26319
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:26409
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:29197
- access.redhat.comhttps://access.redhat.com/security/cve/CVE-2026-3832
- bugzilla.redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2445762
- gitlab.comhttps://gitlab.com/gnutls/gnutls/-/issues/1801
- gitlab.comhttps://gitlab.com/gnutls/gnutls/-/issues/1801
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2026-252237.5 ALT51.5%
——15Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.2, a validation bypass vulnerability exists in Fastify where request body validation schemas specified by Content-Type can be completely circumvented. By appending a tab character (\t) followed by arbitrary content to the Content-Type header, attackers can bypass body validation while the server still processes the body as the original content type. This issue has been patched in version 5.7.2.2dCVE-2026-323055.3 MED32.7%
——10Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 are vulnerable to mTLS bypass through the TLS SNI pre-sniffing logic related to fragmented ClientHello packets. When a TLS ClientHello is fragmented across multiple records, Traefik's SNI extraction may fail with an EOF and return an empty SNI. The TCP router then falls back to the default TLS configuration, which does not require client certificates by default. This allows an attacker to bypass route-level mTLS enforcement and access services that should require mutual TLS authentication. This issue is patched in versions 2.11.41, 3.6.11 and 3.7.0-ea.2.2dCVE-2026-494147.8 ALT1.3%
——0The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disable was still in effect at the point where the base address was chosen.
An unprivileged local user can disable ASLR for a setuid PIE binary by calling procctl(2) before execve(2). This makes exploitation of any separate memory corruption vulnerability in that binary significantly easier.16d