Tag
CVE-2026-42012 describes a vulnerability in GnuTLS where a remote attacker can spoof legitimate services or intercept sensitive information by presenting a specially crafted certificate with URI or SRV SANs, causing the certificate validation process to incorrectly fall back to checking DNS hostnames against the Common Name (CN).