CVE-2026-6731
X.509 Name Constraint Bypass in wolfSSL

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: wolfSSL Inc.

Description
X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's DNS name constraints could be accepted.
Meta Information
Published: 2026-06-25
Last Modified: 2026-06-25
Generated: 2026-06-26
AI Q&A: 2026-06-26
EPSS Evaluated: N/A
Affected Vendors & Products
Currently, no data is known.
CWE ID: CWE-295
Description: The product does not validate, or incorrectly validates, a certificate.
Executive Summary

This vulnerability involves a bypass of X.509 name constraints through the Subject Common Name (CN) field when it is treated as a DNS-type name. Specifically, a certificate whose Subject CN violates the DNS name constraints set by the issuing Certificate Authority (CA) could still be accepted, potentially allowing unauthorized certificates to be trusted.

Impact Analysis

An attacker could present a certificate whose Subject Common Name violates the DNS name constraints imposed by the issuing CA, and the certificate might still be accepted as valid. This could lead to trust in unauthorized or malicious certificates, potentially enabling man-in-the-middle attacks or impersonation.
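
The check this class of bug leaves out, as an added example (not wolfSSL's code and not part of the advisory): when a verifier treats the Subject CN as a DNS-type name, the CN has to be tested against the issuing CA's DNS name constraints in the same way as each SAN dNSName. All function names and hostnames below are constructed for illustration; matching follows the RFC 5280 dNSName subtree rule.

```c
#include <stddef.h>
#include <string.h>
#include <strings.h>

/* RFC 5280 4.2.1.10: a dNSName satisfies a subtree if it equals the base
 * or is formed by adding whole labels to the left of it. */
static int dns_in_subtree(const char *name, const char *base)
{
    size_t nl = strlen(name), bl = strlen(base);
    if (bl == 0) return 1;                 /* empty base matches every name */
    if (nl < bl) return 0;
    if (strcasecmp(name + (nl - bl), base) != 0) return 0;
    return nl == bl || name[nl - bl - 1] == '.';  /* label boundary */
}

static int dns_name_allowed(const char *name,
                            const char **permitted, size_t np,
                            const char **excluded, size_t ne)
{
    size_t i;
    for (i = 0; i < ne; i++)               /* excluded subtrees win */
        if (dns_in_subtree(name, excluded[i])) return 0;
    if (np == 0) return 1;                 /* no permitted DNS subtrees set */
    for (i = 0; i < np; i++)
        if (dns_in_subtree(name, permitted[i])) return 1;
    return 0;
}

/* check_cn: nonzero when the verifier treats the Subject CN as a DNS name. */
int leaf_dns_names_ok(const char *cn, int check_cn,
                      const char **sans, size_t nsans,
                      const char **permitted, size_t np,
                      const char **excluded, size_t ne)
{
    size_t i;
    for (i = 0; i < nsans; i++)
        if (!dns_name_allowed(sans[i], permitted, np, excluded, ne)) return 0;
    if (check_cn && cn != NULL &&
        !dns_name_allowed(cn, permitted, np, excluded, ne)) return 0;
    return 1;
}

/* Constructed sample: the CA permits only example.com; the leaf carries a
 * conforming SAN but a Subject CN outside the permitted subtree. */
int demo(int check_cn)
{
    const char *permitted[] = { "example.com" };
    const char *sans[] = { "www.example.com" };
    return leaf_dns_names_ok("login.other.test", check_cn,
                             sans, 1, permitted, 1, NULL, 0);
}
```

`demo(0)` accepts the certificate because only the SAN is constrained, while `demo(1)` rejects it once the CN is held to the same subtrees.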
