NVD HIGH: CVE-2026-42011 — A flaw was found in gnutls. This vulnerability occurs because permitted name con...

Thursday, May 7, 2026 at 03:16 PM UTC·Source: NIST NVD

Updated: Wednesday, May 13, 2026 at 01:00 PM UTC

Executive Summary

A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-42011

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on May 7, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerabilityNEW

Deutsche Bank joins $120m funding round for crypto analytics firm Elliptic

Cryptocurrency and blockchain surveillance and analytics specialist Elliptic has raised $120 million in a Series D funding round led by One Peak, with participation from Nasdaq Ventures, Deutsche Bank and the British Business Bank.

25m agoFinextra

MEDIUMVulnerabilityNEW

Paybis secures MiCA and PSD2 licences

Paybis, a trusted cryptocurrency platform serving 7 million people, today joins a small club of global crypto platforms to have received authorisation as a Crypto Asset Service Provider (CASP) under the EU’s Markets in Crypto-Assets regulation (MiCA), alongside receiving a Payment Institution (PI) licence under PSD2 simultaneously, on the same day.

26m agoFinextra

CRITICALVulnerability

73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation

Attackers can compromise systems in minutes while patching and response still take hours or days. Picus Security breaks down why autonomous validation is becoming critical for modern defense strategies. [...]

1h agoBleepingComputer