THREATOPS
THREAT OPSThreat News › [NVD] CVE-2026-27137 (HIGH 7.5) — When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.

[NVD] CVE-2026-27137 (HIGH 7.5) — When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.

lownvdPublished 2026-03-06

CVE-2026-27137 CVSS: 7.5 HIGH Published: 2026-03-06T22:16:00.850

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.

Indicators of compromise

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-27137