How is CVE-2026-42790 exploited?

Network reachability (required): The attacker must be positioned to intercept or inject traffic over the network between the Erlang OTP TLS client and the server it is connecting to. Authentication (not-required): No credentials or account are required; the attack is reachable from an unauthenticated network position. Victim interaction (required): A victim TLS client must initiate a connection that the attacker can intercept, requiring the target application or user to trigger outbound TLS traffic toward the spoofed host. Attack complexity (info): Exploitation requires specific preconditions: the attacker must control or compromise a subordinate CA with restricted DNS nameConstraints and be positioned to perform a man-in-the-middle interception, making reliable exploitation dependent on environmental factors.

What is the impact of CVE-2026-42790?

The attacker can impersonate a TLS server for a hostname outside the subordinate CA's permitted DNS scope, causing the Erlang OTP client to treat the connection as trusted. All data sent over the intercepted TLS session is readable by the attacker, including session tokens, credentials, API keys, or any application-layer content. The attacker can modify data in transit between the client and the spoofed server, injecting or altering requests and responses without the client detecting tampering.

Back to search

HIGHCVE-2026-42790Published 2026-05-27Modified 2026-05-28CNA EEF

CVE-2026-42790: nameConstraints DNS bypass via subject CommonName fallback in public_key hostname verification

Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification. Two flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted (e.g. permitted;DNS:allowed.example.com) to issue a leaf certificate that an OTP TLS client accepts as a valid identity for an out-of-scope hostname (e.g. victim.example.com): First, pubkey_cert:validate_names/6 in lib/public_key/src/pubkey_cert.erl only checks SAN DNS entries against nameConstraints. Per RFC 5280, a permitted DNS subtree only restricts certificates that contain a DNS-typed name. A leaf with no subjectAltName therefore trivially satisfies any permitted;DNS:... constraint regardless of its subject commonName. Second, public_key:pkix_verify_hostname/3 in lib/public_key/src/public_key.erl falls back to the subject commonName when no subjectAltName is present, extracting id-at-commonName attributes as presented IDs and matching them against the reference hostname. The strict pkix_verify_hostname_match_fun(https) matcher does not suppress this fallback. The result is that path validation accepts a CN-only leaf under a DNS-constrained intermediate (no SAN means the nameConstraints are not triggered), and hostname verification then accepts it via the CN fallback. The bypass is reachable from stock ssl:connect with verify_peer, a trusted CA, SNI, and the canonical strict https hostname matcher. This issue affects OTP from OTP 19.3 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.4 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.

HarborGuard Analysis

HarborGuard analysis

Synopsis

An improper certificate validation vulnerability in Erlang OTP's public_key module allows a DNS nameConstraints bypass via subject CommonName fallback during TLS hostname verification. An unauthenticated remote attacker who can perform a man-in-the-middle interception and meet specific preconditions can present a crafted leaf certificate with no subjectAltName, causing a TLS client running Erlang OTP to accept it as valid for a hostname outside the subordinate CA's permitted DNS scope. Successful exploitation enables the attacker to intercept and tamper with traffic the client believes is protected by a trusted TLS connection. A patched-image rebuild is available on HarborGuard for environments running an affected version of Erlang OTP.

HarborGuard Coverage

Detection

Detection is available across every HarborGuard environment: CVE-2026-42790 is ingested from upstream advisory feeds within minutes of publication and matched against customer images, including custom-built images that package Erlang OTP directly. Any image found to include an affected version of the public_key module from OTP 19.3 up to the fixed releases surfaces in the scan results immediately.

Available

Triage

HarborGuard scores this finding at CVSS v4.0 7.6 (HIGH) and weights it against each environment's compliance policy to determine urgency and routing. Findings are dispatched to the appropriate team inbox within each customer organization based on image ownership and policy thresholds configured for that environment.

Available

Patch

Patched-image rebuilds targeting the fixed OTP releases (26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1, with corresponding public_key versions 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1) are available on HarborGuard for environments running an affected version. For customers who opt into auto-remediation, HarborGuard triggers a rebuild, runs regression tests against the updated image, and opens a pull request against affected workloads automatically.

Available

Exploit Conditions

Network reachabilityRequired
The attacker must be positioned to intercept or inject traffic over the network between the Erlang OTP TLS client and the server it is connecting to.
AuthenticationNot required
No credentials or account are required; the attack is reachable from an unauthenticated network position.
Victim interactionRequired
A victim TLS client must initiate a connection that the attacker can intercept, requiring the target application or user to trigger outbound TLS traffic toward the spoofed host.
Attack complexityDetail
Exploitation requires specific preconditions: the attacker must control or compromise a subordinate CA with restricted DNS nameConstraints and be positioned to perform a man-in-the-middle interception, making reliable exploitation dependent on environmental factors.

Blast Radius

The attacker can impersonate a TLS server for a hostname outside the subordinate CA's permitted DNS scope, causing the Erlang OTP client to treat the connection as trusted.
All data sent over the intercepted TLS session is readable by the attacker, including session tokens, credentials, API keys, or any application-layer content.
The attacker can modify data in transit between the client and the spoofed server, injecting or altering requests and responses without the client detecting tampering.

How HarborGuard Handles This

Available on HarborGuard: detection for CVE-2026-42790 fires against any image containing an affected Erlang OTP installation (public_key 1.4 through the versions preceding the fixed releases) within minutes of the image entering a customer registry or pipeline. For environments with auto-remediation enabled, HarborGuard can rebuild the image at a fixed OTP release, run regression tests, and open a pull request against affected workloads; median time from CVE publication to merged patch PR for high-severity issues is around 90 minutes for environments with auto-remediation enabled. Where compliance policy does not permit auto-remediation, the finding is routed to the relevant team inbox with fix-version details attached. Until a rebuild is deployed, compensating controls worth considering include network-policy rules that restrict which services can initiate outbound TLS connections from affected workloads, and egress filtering that limits reachable TLS endpoints to known-good destinations, reducing the window in which a man-in-the-middle interception is feasible.

See how HarborGuard automates this

CVSS v4.0: 7.6
Severity: HIGH
Fixed in: *
Affected Products: 2

Fix available

Patch commits

Affected packages

Erlang / OTP
< * (from 1.4)
Erlang / OTP
< * (from 19.3) · < * (from b0c245e8132bb13171e277b1af59c0cec00c9459)

CVSS Vector

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

References

HarborGuard Analysis

Synopsis

HarborGuard Coverage

Exploit Conditions

Blast Radius

How HarborGuard Handles This

Metrics

Fix available