Vulnerability Details CVE-2026-3832
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.2%
CVSS Severity
CVSS v3 Score 3.7
References
- https://access.redhat.com/errata/RHSA-2026:13274
- https://access.redhat.com/errata/RHSA-2026:20612
- https://access.redhat.com/errata/RHSA-2026:20613
- https://access.redhat.com/security/cve/CVE-2026-3832
- https://bugzilla.redhat.com/show_bug.cgi?id=2445762
- https://gitlab.com/gnutls/gnutls/-/issues/1801
- https://gitlab.com/gnutls/gnutls/-/issues/1801
Products affected by CVE-2026-3832
-
cpe:2.3:a:gnu:gnutls:-
-
cpe:2.3:a:redhat:hardened_images:-
-
cpe:2.3:a:redhat:openshift_container_platform:4.0
-
cpe:2.3:o:redhat:enterprise_linux:10.0
-
cpe:2.3:o:redhat:enterprise_linux:6.0
-
cpe:2.3:o:redhat:enterprise_linux:7.0
-
cpe:2.3:o:redhat:enterprise_linux:8.0
-
cpe:2.3:o:redhat:enterprise_linux:9.0