CVE-2026-32884
Received Received - Intake
Case-Sensitive CN Bypass in Botan X.509 Name Constraints

Publication date: 2026-03-30

Last updated on: 2026-04-13

Assigner: GitHub, Inc.

Description
Botan is a C++ cryptography library. Prior to version 3.11.0, during processing of an X.509 certificate path using name constraints which restrict the set of allowable DNS names, if no subject alternative name is defined in the end-entity certificate Botan would check that the CN was allowed by the DNS name constraints, even though this check is technically not required by RFC 5280. However this check failed to account for the possibility of a mixed-case CN. Thus a certificate with CN=Sub.EVIL.COM and no subject alternative name would bypasses an excludedSubtrees constraint for evil.com because the comparison is case-sensitive. This issue has been patched in version 3.11.0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-30
Last Modified
2026-04-13
Generated
2026-06-16
AI Q&A
2026-03-31
EPSS Evaluated
2026-06-15
NVD
CVE-2026-32884
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
botan_project botan to 3.11.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-295 The product does not validate, or incorrectly validates, a certificate.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Detection Guidance

This vulnerability affects Botan versions prior to 3.11.0 when processing X.509 certificates with name constraints and no subject alternative name. To detect if your system is vulnerable, you need to determine if Botan is used and its version is older than 3.11.0.

You can check the Botan library version installed on your system by running commands such as:

  • For Linux systems, use: `dpkg -l | grep botan` or `rpm -qa | grep botan`
  • If Botan is built from source or included in an application, check the application documentation or use: `strings /path/to/library | grep Botan` to find version information.

Additionally, to detect certificates that might exploit this vulnerability, you can inspect certificates for a common name (CN) with mixed case that bypasses DNS name constraints, but this requires custom scripting and detailed certificate analysis.

Executive Summary

This vulnerability exists in the Botan C++ cryptography library prior to version 3.11.0. When processing an X.509 certificate path with name constraints that restrict allowable DNS names, Botan checked the Common Name (CN) in the end-entity certificate if no subject alternative name was defined. However, this check was case-sensitive and did not properly handle mixed-case CN values. As a result, a certificate with a CN like "Sub.EVIL.COM" could bypass DNS name constraints that were meant to exclude domains such as "evil.com".

Impact Analysis

This vulnerability can allow an attacker to bypass DNS name constraints in certificate validation by using mixed-case characters in the CN field of a certificate. This means that a certificate that should have been rejected due to domain restrictions might be accepted, potentially allowing unauthorized or malicious certificates to be trusted. This can lead to man-in-the-middle attacks or other security breaches where an attacker impersonates a trusted entity.

Mitigation Strategies

To mitigate this vulnerability, upgrade the Botan cryptography library to version 3.11.0 or later, where the issue has been patched.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-32884. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart