CVE-2026-42791
Analyzed Analyzed - Analysis Complete
Improper Certificate Validation in Erlang OTP

Publication date: 2026-05-27

Last updated on: 2026-06-02

Assigner: EEF

Description
Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkey_ocsp:verify_response/5 and pubkey_ocsp:is_authorized_responder/3 in lib/public_key/src/pubkey_ocsp.erl does not check the validity period (notBefore/notAfter) of the OCSP responder certificate. An attacker who has obtained the private key of an expired CA-designated OCSP responder certificate can forge OCSP responses that Erlang/OTP accepts as valid. This affects TLS clients using OCSP stapling via the ssl application: a malicious or compromised server can present a revoked TLS certificate together with a forged OCSP response signed by an expired responder key, and the client will accept the revoked certificate as valid. It also affects applications calling public_key:pkix_ocsp_validate/5 directly, where the impact depends on the use case β€” server-side client certificate validation using this API may allow authentication bypass with a revoked client certificate. This issue affects OTP from OTP 27.0 before OTP 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.16 before 1.17.1.3, 1.20.3.1, and 1.21.1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-27
Last Modified
2026-06-02
Generated
2026-06-16
AI Q&A
2026-05-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-42791
EUVD
EUVD-2026-32273
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
erlang erlang/otp From 27.0 (inc) to 27.3.4.12 (exc)
erlang erlang/otp From 28.0 (inc) to 28.5.0.1 (exc)
erlang erlang/otp From 29.0 (inc) to 29.0.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-672 The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.
CWE-295 The product does not validate, or incorrectly validates, a certificate.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-42791 is an Improper Certificate Validation vulnerability in the Erlang OTP public_key module, specifically in the pubkey_ocsp module.

The vulnerability arises because the OCSP responder certificate's validity period (the notBefore and notAfter fields) is not checked during OCSP response verification.

This means that forged OCSP responses signed with an expired OCSP responder certificate can be accepted as valid by Erlang/OTP.

An attacker who has obtained the private key of an expired CA-designated OCSP responder certificate can exploit this to forge OCSP responses that the system will accept.

Impact Analysis

This vulnerability can allow a malicious or compromised server to present a revoked TLS certificate along with a forged OCSP response signed by an expired responder key, causing TLS clients using OCSP stapling to accept the revoked certificate as valid.

It also affects applications that call the public_key:pkix_ocsp_validate/5 function directly, potentially allowing authentication bypass if a revoked client certificate is presented.

The impact depends on the use case, but it can undermine the trustworthiness of certificate revocation checks, leading to acceptance of revoked or invalid certificates.

Detection Guidance

Detection of this vulnerability involves checking whether your Erlang/OTP environment is using affected versions of the public_key module that do not validate the OCSP responder certificate's validity period.

Since the vulnerability affects TLS clients using OCSP stapling via the ssl application, you can detect suspicious OCSP responses by capturing and inspecting OCSP stapled responses from servers your clients connect to, looking for responses signed by expired OCSP responder certificates.

There are no specific commands provided in the resources to detect the vulnerability directly on your system or network.

However, general approaches include:

  • Check the Erlang/OTP version and public_key application version installed on your system to see if they fall within the affected versions (OTP 27.0 before 27.3.4.12, 28.5.0.1, and 29.0.1; public_key versions before 1.17.1.3, 1.20.3.1, and 1.21.1).
  • Use network packet capture tools (e.g., tcpdump, Wireshark) to capture TLS traffic and extract OCSP stapled responses for manual inspection.
  • Manually verify the validity period of OCSP responder certificates in captured responses to identify acceptance of expired certificates.
Mitigation Strategies

Immediate mitigation steps include:

  • Upgrade Erlang/OTP to a patched version that fixes the vulnerability: OTP 27.3.4.12 or later, 28.5.0.1 or later, or 29.0.1 or later, which include public_key versions 1.17.1.3, 1.20.3.1, and 1.21.1 respectively.
  • If upgrading is not immediately possible, disable OCSP stapling in TLS client options to prevent acceptance of forged OCSP responses.
  • Alternatively, switch to using Certificate Revocation Lists (CRLs) for revocation checking instead of OCSP stapling.
  • For applications that call public_key:pkix_ocsp_validate/5 directly, implement validation of the OCSP responder certificate's validity period in application code before calling this function.
Compliance Impact

The vulnerability allows forged OCSP responses signed with expired responder certificates to be accepted as valid, which can lead to acceptance of revoked TLS certificates or authentication bypass with revoked client certificates.

This undermines the integrity of certificate validation and revocation checking, potentially allowing unauthorized access or data exposure.

Such weaknesses in certificate validation can negatively impact compliance with security requirements in common standards and regulations like GDPR and HIPAA, which mandate strong controls to protect data confidentiality and integrity.

Specifically, failure to properly validate certificates could lead to unauthorized access to sensitive personal or health information, violating these regulations' security and privacy mandates.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-42791. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart