CVE-2026-3832

Name of the Vulnerable Software and Affected Versions gnutls (affected versions not specified)

Description A logic error exists in how the software processes multi-record Online Certificate Status Protocol (OCSP) responses—a protocol used to check the revocation status of digital certificates. A remote attacker can exploit this by presenting a specially crafted OCSP response during a TLS handshake, which may cause a client with OCSP verification enabled to incorrectly accept a revoked server certificate, potentially compromising trust.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.