JustAppSec
UNKNOWN Severity

CVE-2026-27137

Last updated Mar 06, 2026 · Published Mar 06, 2026

← Back to list

Description

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.

Affected products

1 listed
  • Go standard library:crypto/x509

Mappings

CWE

CWE-295

CAPEC

None listed.

CVE® content © MITRE Corporation. Licensed under the CVE Terms of Use. Terms

Need help?Get in touch.