CVE-2026-32884 - Vulnerability Details

- Botan: Case-Insensitive CN Values Bypass DNS excludedSubtrees Name Constraints (RFC 5280 Violation)

Description

Botan is a C++ cryptography library. Prior to version 3.11.0, during processing of an X.509 certificate path using name constraints which restrict the set of allowable DNS names, if no subject alternative name is defined in the end-entity certificate Botan would check that the CN was allowed by the DNS name constraints, even though this check is technically not required by RFC 5280. However this check failed to account for the possibility of a mixed-case CN. Thus a certificate with CN=Sub.EVIL.COM and no subject alternative name would bypasses an excludedSubtrees constraint for evil.com because the comparison is case-sensitive. This issue has been patched in version 3.11.0.

Published: 2026-03-30

Score: 5.9 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A flaw in Botan's handling of name constraints allows a certificate with a mixed‑case Common Name and no Subject Alternative Name to bypass DNS excludedSubtrees restrictions. The library performs a case‑sensitive comparison during path validation, which is incorrect per RFC 5280. Consequently, an attacker can issue a certificate that appears valid to the library while violating the intended name constraint policy, enabling potential impersonation or fraud.

Affected Systems

This issue affects the Randombit Botan C++ cryptography library in all releases prior to version 3.11.0. Software that incorporates Botan without upgrading may be vulnerable if it validates X.509 certificates with name constraints.

Risk and Exploitability

The vulnerability carries a CVSS score of 5.9, indicating moderate severity. EPSS data is not available, and it is not listed in the CISA KEV catalog. The attack vector is inferred to be remote: an adversary can simply submit a specially crafted certificate to an application that performs certificate path validation using Botan. Because the flaw lies in the library's internal logic, no additional conditions are required beyond the presence of name constraints and a CN with mixed case.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

randombit

botan

affected

Version	Status	Constraints
`< 3.11.0`	affected	—

No data.

Vendor Product Confidence Versions

Randombit

Botan

100%

Version	Status	Scheme	Platform
`[0,3.11.0)`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade to Botan version 3.11.0 or later
If immediate upgrade is not possible, modify or supplement validation logic to enforce case‑insensitive CN checks or require a Subject Alternative Name
Maintain up‑to‑date dependencies and monitor for related advisories

Generated by OpenCVE AI on March 31, 2026 at 05:39 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00016.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/randombit/botan/security/advisories/GHSA-7c3g-7763-ggj5

History

Wed, 01 Apr 2026 02:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Randombit Randombit botan
Vendors & Products		Randombit Randombit botan

Tue, 31 Mar 2026 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 31 Mar 2026 03:00:00 +0000

Type	Values Removed	Values Added
Description		Botan is a C++ cryptography library. Prior to version 3.11.0, during processing of an X.509 certificate path using name constraints which restrict the set of allowable DNS names, if no subject alternative name is defined in the end-entity certificate Botan would check that the CN was allowed by the DNS name constraints, even though this check is technically not required by RFC 5280. However this check failed to account for the possibility of a mixed-case CN. Thus a certificate with CN=Sub.EVIL.COM and no subject alternative name would bypasses an excludedSubtrees constraint for evil.com because the comparison is case-sensitive. This issue has been patched in version 3.11.0.
Title		Botan: Case-Insensitive CN Values Bypass DNS excludedSubtrees Name Constraints (RFC 5280 Violation)
Weaknesses		CWE-295
References		https://github.com/randombit/botan/security/advisories/GHSA-7c3g-7763-ggj5
Metrics		cvssV3_1 `{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N'}`

Subscriptions

Randombit Botan

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-03-30T20:36:19.729Z

Updated: 2026-03-31T18:53:35.754Z

Reserved: 2026-03-16T21:03:44.421Z

Link: CVE-2026-32884

Vulnrichment

Updated: 2026-03-31T18:50:35.503Z

NVD

Status : Received

Published: 2026-03-30T21:17:10.093

Modified: 2026-03-30T21:17:10.093

Link: CVE-2026-32884

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-31T20:40:05Z

Weaknesses

CWE-295

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object