Product

Libgnutls

1 brief RSS

CVE-2026-5260: libgnutls Heap Overread via Short Premaster Secret

A remote attacker can trigger a heap overread in libgnutls by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, potentially leading to information disclosure.

libgnutls heap-overread information-disclosure tls cve

2r 1c 2h ago