CVE-2026-45389

In OCaml-TLS before 2.1.0, the server implementation does insufficient checks of the certificate provided by the client (when doing client authentication), which allows impersonation with certificates that are not meant for client authentication (because of KeyUsage and ExtendedKeyUsage).
Configurations

No configuration.

History

17 Jun 2026, 17:17

Type Values Removed Values Added
References () https://osv.dev/vulnerability/OSEC-2026-07 - () https://osv.dev/vulnerability/OSEC-2026-07 -
CWE CWE-295
CVSS v2 : unknown
v3 : 9.1
v2 : unknown
v3 : 7.4

16 Jun 2026, 15:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.1
References () https://osv.dev/vulnerability/OSEC-2026-07 - () https://osv.dev/vulnerability/OSEC-2026-07 -

15 Jun 2026, 20:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-15 20:16

Updated : 2026-06-17 17:17


NVD link : CVE-2026-45389

Mitre link : CVE-2026-45389

CVE.ORG link : CVE-2026-45389


JSON object : View

Products Affected

No product.

CWE
CWE-295

Improper Certificate Validation