CVE Vulnerabilities

CVE-2026-10592

Improper Certificate Validation

Published: Jun 25, 2026 | Modified: Jun 26, 2026
CVSS 3.x
5.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM
root.io logo minimus.io logo echo.ai logo

Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CAs permitted/excluded DNS name constraints could be accepted.

Weakness

The product does not validate, or incorrectly validates, a certificate.

Affected Software

NameVendorStart VersionEnd Version
WolfsslWolfssl3.9.10 (including)5.9.2 (excluding)
WolfsslUbuntuquesting*

Potential Mitigations

References