CVE-2026-5260
Gravedad CVSS v3.1:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
26/05/2026
Última modificación:
15/07/2026
Descripción
*** Pendiente de traducción *** A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.
Impacto
Puntuación base 3.x
8.20
Gravedad 3.x
ALTA
Referencias a soluciones, herramientas e información
- https://access.redhat.com/errata/RHSA-2026:13274
- https://access.redhat.com/errata/RHSA-2026:20611
- https://access.redhat.com/errata/RHSA-2026:20612
- https://access.redhat.com/errata/RHSA-2026:20613
- https://access.redhat.com/errata/RHSA-2026:26319
- https://access.redhat.com/errata/RHSA-2026:26409
- https://access.redhat.com/errata/RHSA-2026:29197
- https://access.redhat.com/errata/RHSA-2026:30004
- https://access.redhat.com/errata/RHSA-2026:30849
- https://access.redhat.com/errata/RHSA-2026:30850
- https://access.redhat.com/errata/RHSA-2026:32962
- https://access.redhat.com/errata/RHSA-2026:33125
- https://access.redhat.com/security/cve/CVE-2026-5260
- https://bugzilla.redhat.com/show_bug.cgi?id=2467450
- https://www.gnutls.org/security-new.html#GNUTLS-SA-2026-04-29-10



