THREATOPS
THREAT OPSThreat News › [NVD] CVE-2026-42010 (HIGH 7.1) — A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authe

[NVD] CVE-2026-42010 (HIGH 7.1) — A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authe

lownvdPublished 2026-05-07

CVE-2026-42010 CVSS: 7.1 HIGH Published: 2026-05-07T12:16:17.977

A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacke

Indicators of compromise

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-42010