cbcvebase.
CVE-2026-32280
published 2026-04-08

CVE-2026-32280: During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in…

PriorityP342high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.61%
44.9th percentile
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.

Affected

112 ranges· showing 25
VendorProductVersion rangeFixed in
3scale-amp23scale-rhel7-operator
3scale-amp23scale-rhel9-operator
3scale-amp263scale-operator
3scale-amp26operator
advanced-cluster-securityrhacs-main-rhel8
ansible-automation-platform-26receptor-rhel9
ansible-automation-platformplatform-operator-bundle
build-of-trusteetrustee-rhel9-operator
buildah_projectbuildah
cert-managerjetstack-cert-manager-rhel9
cnv4openshift-golang-builder
complianceopenshift-compliance-operator-bundle
complianceopenshift-selinuxd-rhel8
confidential-containerstrustee
container-native-virtualizationvirt-api
container-native-virtualizationvirt-api-rhel9
container-tools_rhel8buildah
container-tools_rhel8conmon
container-tools_rhel8containernetworking-plugins
container-tools_rhel8podman
container-tools_rhel8runc
container-tools_rhel8skopeo
container-tools_rhel8toolbox
cryostatcryostat-storage-rhel9
custom-metrics-autoscalercustom-metrics-autoscaler-rhel9

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ghsa7.5HIGH
osv7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.