Skip to main content

Red Hat Enterprise Linux 10 CVE-2026-3833

| EUVDEUVD-2026-26403 HIGH
Improper Handling of Case Sensitivity (CWE-178)
2026-04-30 redhat
7.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.4 HIGH
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
vuln.today AI
7.4 HIGH

Network-reachable cert validation with no auth (PR:N/UI:N); AC:H because exploitation needs a name-constrained CA deployment; C/I:H from impersonation/policy bypass, no availability impact (A:N).

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
4.0 AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
SUSE
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Red Hat
6.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

9
Analysis Updated
Jun 24, 2026 - 17:33 vuln.today
v3 (cvss_changed)
Analysis Updated
Jun 24, 2026 - 17:33 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jun 24, 2026 - 17:22 vuln.today
cvss_changed
Severity Changed
Jun 24, 2026 - 17:22 NVD
MEDIUM HIGH
CVSS changed
Jun 24, 2026 - 17:22 NVD
6.5 (MEDIUM) 7.4 (HIGH)
Analysis Generated
Apr 30, 2026 - 18:16 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 18:00 euvd
EUVD-2026-26403
Analysis Generated
Apr 30, 2026 - 18:00 vuln.today
CVE Published
Apr 30, 2026 - 17:37 nvd
MEDIUM 6.5

DescriptionNVD

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName (DNS) or rfc822Name (email) constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure.

AnalysisAI

Certificate name-constraints bypass in GnuTLS allows a remote attacker to craft a leaf certificate whose Subject Alternative Name differs only in letter casing from a constrained dNSName or rfc822Name, causing GnuTLS to accept a certificate that its excludedSubtrees/permittedSubtrees policy should reject. The flaw stems from case-sensitive comparison of name-constraint labels and enables unauthorized access, impersonation, or information disclosure across software (notably Red Hat Enterprise Linux 6-10 and OpenShift Container Platform 4) that relies on GnuTLS for X.509 validation. SSVC notes a public proof-of-concept exists, though EPSS exploitation probability is very low (0.03%, 9th percentile) and the issue is not in CISA KEV.

CVE-2026-4631 CRITICAL POC
9.8 Apr 07

Remote code execution in Cockpit's web interface allows unauthenticated attackers to execute arbitrary commands on the h

CVE-2026-4480 CRITICAL POC
9.0 May 26

Remote code execution in Samba's printing subsystem allows remote attackers to inject arbitrary shell commands via craft

CVE-2026-14544 CRITICAL
9.8 Jul 03

Remote code execution and privilege escalation in HPLIP (HP Linux Imaging and Printing) affects the hpcups print filter

CVE-2026-28369 CRITICAL
9.1 Mar 27

HTTP request smuggling in Undertow (the embedded web server underpinning JBoss EAP, Red Hat Data Grid, and Apache Camel

CVE-2026-28368 CRITICAL
9.1 Mar 27

HTTP request smuggling in Red Hat Undertow allows remote unauthenticated attackers to bypass front-end security controls

CVE-2026-33845 CRITICAL
9.1 Apr 30

Out-of-bounds read in the GnuTLS DTLS handshake reassembly logic lets remote unauthenticated attackers trigger an intege

CVE-2026-28367 CRITICAL
9.1 Mar 27

HTTP request smuggling in Undertow allows remote unauthenticated attackers to send `\r\r\r` as a header block terminator

CVE-2026-11610 HIGH
8.8 Jul 07

Denial of service in Red Hat / 389 Directory Server (389-ds-base, versions since ~1.3.2/2013) allows an authenticated LD

CVE-2026-14474 HIGH
8.8 Jul 07

Local-to-domain-wide root privilege escalation in SSSD's LDAP sudo provider allows an authenticated LDAP directory user

CVE-2026-52720 HIGH
8.8 Jun 15

Heap buffer overflow in GStreamer's librfb (RFB/VNC client) allows a malicious VNC server to corrupt heap memory on a co

CVE-2026-5260 HIGH
8.2 May 26

Information disclosure and denial of service in GnuTLS (libgnutls) let a remote, unauthenticated attacker trigger a heap

CVE-2026-0966 HIGH
8.2 Mar 26

Remote denial-of-service in libssh 0.11.x and earlier allows unauthenticated attackers to crash SSH server daemon proces

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Micro 5.3 Fixed
SUSE Linux Enterprise Micro 5.4 Fixed
SUSE Linux Enterprise Micro 5.5 Fixed

Share

CVE-2026-3833 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy