Skip to main content

Crypto X509

3 CVEs product

Monthly

CVE-2026-27145 Go MEDIUM PATCH This Month

Quadratic-complexity denial-of-service in Go's crypto/x509 package allows a network-positioned attacker presenting a certificate with a large DNS Subject Alternative Name list to exhaust CPU on the verifying party. The root cause is that VerifyHostname called strings.Split(host, ".") inside a loop over every DNS SAN entry rather than computing it once, scaling work as O(SANs × hostname_labels). Critically, x509.Verify performs hostname validation before chain building, meaning even untrusted, self-signed certificates trigger the expensive computation - no valid CA-issued certificate is required. No public exploit is identified at time of analysis, and EPSS is 0.00%, consistent with a newly-disclosed algorithmic complexity issue without weaponized tooling.

Information Disclosure Crypto X509
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-32280 Go HIGH PATCH This Week

Denial of service in Go's crypto/x509 chain builder allows remote attackers to exhaust server resources by submitting a large number of intermediate certificates during TLS handshake or direct certificate verification. Affects crypto/x509 versions prior to 1.25.9 and 1.26.0-1.26.1. No public exploit identified at time of analysis, though SSVC assessment indicates the attack is automatable. EPSS exploitation probability is minimal (0.01%), suggesting low observed attacker interest despite the network-accessible attack surface and lack of authentication requirements.

Denial Of Service Crypto X509
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-33810 Go HIGH PATCH This Week

Certificate validation bypass in Go's crypto/x509 library (versions 1.26.0-1.26.1) allows remote attackers to circumvent DNS name constraints through case-sensitivity mismatches in wildcard Subject Alternative Names. Attackers with certificates from trusted CAs can bypass intended domain restrictions and impersonate constrained subdomains, achieving unauthorized confidentiality access with limited integrity impact. Vendor-released patch available (Go 1.26.2). EPSS score is 0.01% (percentile 0%), indicating very low observed exploitation probability. No public exploit code or CISA KEV listing identified at time of analysis.

Information Disclosure Crypto X509
NVD VulDB
CVSS 3.1
8.2
EPSS
0.0%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Quadratic-complexity denial-of-service in Go's crypto/x509 package allows a network-positioned attacker presenting a certificate with a large DNS Subject Alternative Name list to exhaust CPU on the verifying party. The root cause is that VerifyHostname called strings.Split(host, ".") inside a loop over every DNS SAN entry rather than computing it once, scaling work as O(SANs × hostname_labels). Critically, x509.Verify performs hostname validation before chain building, meaning even untrusted, self-signed certificates trigger the expensive computation - no valid CA-issued certificate is required. No public exploit is identified at time of analysis, and EPSS is 0.00%, consistent with a newly-disclosed algorithmic complexity issue without weaponized tooling.

Information Disclosure Crypto X509
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in Go's crypto/x509 chain builder allows remote attackers to exhaust server resources by submitting a large number of intermediate certificates during TLS handshake or direct certificate verification. Affects crypto/x509 versions prior to 1.25.9 and 1.26.0-1.26.1. No public exploit identified at time of analysis, though SSVC assessment indicates the attack is automatable. EPSS exploitation probability is minimal (0.01%), suggesting low observed attacker interest despite the network-accessible attack surface and lack of authentication requirements.

Denial Of Service Crypto X509
NVD VulDB
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Certificate validation bypass in Go's crypto/x509 library (versions 1.26.0-1.26.1) allows remote attackers to circumvent DNS name constraints through case-sensitivity mismatches in wildcard Subject Alternative Names. Attackers with certificates from trusted CAs can bypass intended domain restrictions and impersonate constrained subdomains, achieving unauthorized confidentiality access with limited integrity impact. Vendor-released patch available (Go 1.26.2). EPSS score is 0.01% (percentile 0%), indicating very low observed exploitation probability. No public exploit code or CISA KEV listing identified at time of analysis.

Information Disclosure Crypto X509
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy