CVE-2026-27138

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions AWS Lambda (affected versions not specified)

Description A flaw exists where certificate verification can lead to a program crash. This occurs when a certificate within a chain lacks a DNS name while another certificate in the same chain has excluded name constraints. This issue impacts programs directly verifying X.509 certificate chains or those utilizing TLS. The issue affects 27 Lambda base images using stdlib.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-27138

GO-2026-4600

OPENSUSE-SU-2026:10299-1

Affected Products

Aws-Lambda

Stdlib

CVE-2026-27138

Related Identifiers

Affected Products

References · 19