PT-2026-30815 · Erlang+1 · Public Key+2

Jakub Witczak · Published 2026-04-07 · Updated 2026-06-03

CVE-2026-32144 · CVSS v4.0 7.6 (High)
Vector: AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N
Name of the Vulnerable Software and Affected Versions: Erlang/OTP versions 27.0 through 28.4.2 and 27.3.4.10; public_key versions 1.16 through 1.20.3 and 1.17.1.2; ssl versions 11.2 through 11.5.4 and 11.2.12.7

Description: An issue exists in the public_key application (pubkey_ocsp module) of Erlang/OTP related to improper certificate validation. Specifically, the OCSP response validation process does not verify the cryptographic signature of CA-designated responder certificates, relying only on issuer name matching and the OCSPSigning extended key usage. This allows an attacker to forge OCSP responses, potentially marking revoked certificates as valid. This impacts SSL/TLS clients using OCSP stapling and applications directly using the public_key:pkix_ocsp_validate/5 API. The vulnerable code is located in the file lib/public_key/src/pubkey_ocsp.erl, in the routine pubkey_ocsp:is_authorized_responder/3.

Recommendations
For SSL users:
Do not enable the OCSP validation setting (the current default is {stapling, no_staple}).
Use CRL-based revocation checking by setting the {crl_check, true} SSL option instead.
For applications using public_key:pkix_ocsp_validate/5 directly:
Pass the {is_trusted_responder_fun, Fun} option with a function that validates trusted responder certificates.
Restrict OCSP responder access to trusted endpoints via network controls.
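The two mitigations above, written out as an added example that is not part of this advisory or of Erlang/OTP itself: a TLS client option list that leaves OCSP stapling at its default of {stapling, no_staple} and turns on CRL checking, and a responder-validation function for the {is_trusted_responder_fun, Fun} option that pins the SHA-256 of the responder certificate's DER encoding to an operator-supplied allowlist. The module name ocsp_hardening, the function names, and the allowlist are my own; the ssl options and public_key:cacerts_get/0 are taken from current OTP, and the shape of the certificate handed to the responder fun (a #cert{} record, an #'OTPCertificate'{} or a DER binary) is an assumption, so all three are accepted.

```erlang
%% Added example, not from the advisory or from Erlang/OTP itself.
%% Assumptions: ssl options {verify,_}, {cacerts,_}, {crl_check,_}, {crl_cache,_}
%% and {stapling,_} and public_key:cacerts_get/0 behave as in current OTP; the
%% certificate passed to the is_trusted_responder_fun is assumed to arrive as a
%% #cert{} record, an #'OTPCertificate'{} or a DER binary (all handled in to_der/1).
-module(ocsp_hardening).
-export([client_opts/1, connect/2, trusted_responder_fun/1, pinned_ocsp_opts/1]).
-include_lib("public_key/include/public_key.hrl").

%% First recommendation: keep OCSP stapling off (the default) and rely on
%% CRL-based revocation checking instead.
client_opts(Host) when is_list(Host) ->
    [{verify, verify_peer},
     {cacerts, public_key:cacerts_get()},          % OS trust store
     {server_name_indication, Host},
     {stapling, no_staple},                        % do not enable OCSP validation
     {crl_check, true},                            % revocation via CRLs
     {crl_cache, {ssl_crl_cache, {internal, [{http, 5000}]}}}]. % fetch CRLs over HTTP, 5 s timeout

connect(Host, Port) ->
    ssl:connect(Host, Port, client_opts(Host), 10000).

%% Second recommendation: for direct callers of public_key:pkix_ocsp_validate/5,
%% decide responder trust ourselves. PinnedSha256List holds SHA-256 digests
%% (binaries) of responder certificates the operator has verified out of band.
trusted_responder_fun(PinnedSha256List) when is_list(PinnedSha256List) ->
    fun(ResponderCert) ->
        Der = to_der(ResponderCert),
        lists:member(crypto:hash(sha256, Der), PinnedSha256List)
    end.

%% Options list to pass as the fifth argument of pkix_ocsp_validate/5.
pinned_ocsp_opts(PinnedSha256List) ->
    [{is_trusted_responder_fun, trusted_responder_fun(PinnedSha256List)}].

%% Normalise whichever certificate form public_key hands over (assumption) to DER.
to_der(#cert{der = Der}) when is_binary(Der) -> Der;
to_der(#'OTPCertificate'{} = Cert) -> public_key:pkix_encode('OTPCertificate', Cert, otp);
to_der(Der) when is_binary(Der) -> Der.
```

A caller would compute the pin once from a responder certificate it has verified (for example crypto:hash(sha256, ResponderDer)) and then pass pinned_ocsp_opts([Pin]) as the options argument of public_key:pkix_ocsp_validate/5; any response signed by a responder certificate that is not on the allowlist is then rejected regardless of its issuer name or OCSPSigning extended key usage.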

Fix

Weakness Enumeration

Improper Certificate Validation

Related Identifiers

CVE-2026-32144
GHSA-GXRM-PF64-99XM
OPENSUSE-SU-2026:10947-1
OPENSUSE-SU-2026:20607-1

Affected Products

Erlang/Otp
Public Key
Ssl