CVE-2026-42790
published 2026-05-27CVE-2026-42790: Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject…
PriorityP343high8.1CVSS 3.1
AVNACLPRNUIRSUCHIHAN
EPSS
0.34%
25.6th percentile
Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification.
Two flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted (e.g. permitted;DNS:allowed.example.com) to issue a leaf certificate that an OTP TLS client accepts as a valid identity for an out-of-scope hostname (e.g. victim.example.com):
First, pubkey_cert:validate_names/6 in lib/public_key/src/pubkey_cert.erl only checks SAN DNS entries against nameConstraints. Per RFC 5280, a permitted DNS subtree only restricts certificates that contain a DNS-typed name. A leaf with no subjectAltName therefore trivially satisfies any permitted;DNS:... constraint regardless of its subject commonName.
Second, public_key:pkix_verify_hostname/3 in lib/public_key/src/public_key.erl falls back to the subject commonName when no subjectAltName is present, extracting id-at-commonName attributes as presented IDs and matching them against the reference hostname. The strict pkix_verify_hostname_match_fun(https) matcher does not suppress this fallback.
The result is that path validation accepts a CN-only leaf under a DNS-constrained intermediate (no SAN means the nameConstraints are not triggered), and hostname verification then accepts it via the CN fallback. The bypass is reachable from stock ssl:connect with verify_peer, a trusted CA, SNI, and the canonical strict https hostname matcher.
This issue affects OTP from OTP 19.3 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.4 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | erlang | — | — |
| erlang | erlang_otp | >= 19.3 < 26.2.5.21 | 26.2.5.21 |
| erlang | erlang_otp | >= 27.0 < 27.3.4.12 | 27.3.4.12 |
| erlang | erlang_otp | >= 28.0 < 28.5.0.1 | 28.5.0.1 |
| erlang | erlang_otp | >= 29.0 < 29.0.1 | 29.0.1 |
| erlang | otp | >= 1.4 < * | * |
| erlang | otp | >= 19.3 < * | * |
| erlang | otp | >= b0c245e8132bb13171e277b1af59c0cec00c9459 < * | * |
CVSS provenance
nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
nvdv4.07.6HIGHCVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vendor_redhat8.1HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-42790 erlang: Erlang OTP public_key: Certificate validation bypass allows hostname spoofing [fedora-all]
bugzilla·2026-06-23·CVSS 8.1
CVE-2026-42790 [HIGH] CVE-2026-42790 erlang: Erlang OTP public_key: Certificate validation bypass allows hostname spoofing [fedora-all]
CVE-2026-42790 erlang: Erlang OTP public_key: Certificate validation bypass allows hostname spoofing [fedora-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Bugzilla
CVE-2026-42790 erlang: Erlang OTP public_key: Certificate validation bypass allows hostname spoofing [epel-all]
bugzilla·2026-06-23·CVSS 8.1
CVE-2026-42790 [HIGH] CVE-2026-42790 erlang: Erlang OTP public_key: Certificate validation bypass allows hostname spoofing [epel-all]
CVE-2026-42790 erlang: Erlang OTP public_key: Certificate validation bypass allows hostname spoofing [epel-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Bugzilla
CVE-2026-42790 erlang: Erlang OTP public_key: Certificate validation bypass allows hostname spoofing
bugzilla·2026-05-27·CVSS 8.1
CVE-2026-42790 [HIGH] CVE-2026-42790 erlang: Erlang OTP public_key: Certificate validation bypass allows hostname spoofing
CVE-2026-42790 erlang: Erlang OTP public_key: Certificate validation bypass allows hostname spoofing
Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification.
Two flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted (e.g. permitted;DNS:allowed.example.com) to issue a leaf certificate that an OTP TLS client accepts as a valid identity for an out-of-scope hostname (e.g. victim.example.com):
First, pubkey_cert:validate_names/6 in lib/public_key/src/pubkey_cert.erl only checks SAN DNS entries against nameConstraints. Per RFC 5280, a permitted DNS subtree only restricts certificates that contain a DNS-typed name. A lea
https://cna.erlef.org/cves/CVE-2026-42790.htmlhttps://github.com/erlang/otp/commit/0769050c69d73762672b0db1347b6993a5b31759https://github.com/erlang/otp/commit/21abed64eb2026b5f82f432709e4e932f9be389ahttps://github.com/erlang/otp/commit/fb67c6d1836f51105a96d8b769e71e4215a79457https://github.com/erlang/otp/security/advisories/GHSA-22cw-4ph4-6447https://osv.dev/vulnerability/EEF-CVE-2026-42790https://www.erlang.org/doc/system/versions.html#order-of-versionshttps://access.redhat.com/security/cve/CVE-2026-42790https://bugzilla.redhat.com/show_bug.cgi?id=2482286https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42790.json
2026-05-27
Published