CVE-2026-42791 - Vulnerability Details

- OCSP responder certificate validity period not checked in public_key

Description

Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an expired responder certificate to be accepted as valid.

OCSP response verification in pubkey_ocsp:verify_response/5 and pubkey_ocsp:is_authorized_responder/3 in lib/public_key/src/pubkey_ocsp.erl does not check the validity period (notBefore/notAfter) of the OCSP responder certificate. An attacker who has obtained the private key of an expired CA-designated OCSP responder certificate can forge OCSP responses that Erlang/OTP accepts as valid.

This affects TLS clients using OCSP stapling via the ssl application: a malicious or compromised server can present a revoked TLS certificate together with a forged OCSP response signed by an expired responder key, and the client will accept the revoked certificate as valid. It also affects applications calling public_key:pkix_ocsp_validate/5 directly, where the impact depends on the use case — server-side client certificate validation using this API may allow authentication bypass with a revoked client certificate.

This issue affects OTP from OTP 27.0 before OTP 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.16 before 1.17.1.3, 1.20.3.1, and 1.21.1.

Published: 2026-05-27

Score: 6.3 Medium

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

Improper certificate validation in Erlang OTP’s public_key module allows an attacker to forge OCSP responses signed with an expired OCSP responder certificate. Because the verifier does not check the responder’s notBefore/notAfter fields, revoked TLS certificates can be presented to the client as valid. This flaw enables authentication bypass for both TLS server certificates and client certificates validated via public_key:pkix_ocsp_validate/5, potentially leading to unauthorized access.

Affected Systems

The vulnerability affects Erlang/OTP releases from 27.0 up to but not including 27.3.4.12, 28.5.0.1, and 29.0.1, along with corresponding public_key libraries 1.16 up to 1.17.1.3 (OTP 27), 1.20.3.1 (OTP 28), and 1.21.1 (OTP 29). Users running these versions of Erlang/OTP are at risk. All installations that rely on OCSP stapling via the ssl application or that call public_key:pkix_ocsp_validate/5 directly are potentially impacted.

Risk and Exploitability

With a CVSS score of 6.3, the vulnerability poses moderate severity. The EPSS score is unavailable, and it is not listed in the CISA KEV catalog, indicating no widespread exploitation yet. An attacker who has obtained the private key of an expired OCSP responder certificate can forge responses that an Erlang/OTP client will accept. Attack vector: a malicious or compromised server presenting a revoked certificate alongside a forged OCSP response.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Erlang

OTP

unknown

Version	Status	Constraints
`1.16`	affected	< *

Erlang

OTP

unknown

Version	Status	Constraints
`27.0`	affected	< *
`2b1a742c651b90f8a7a1fb2ddde73f29915ea376`	affected	< *

No data.

Vendor Product Confidence Versions

Erlang

Erlang/otp

95%

Version	Status	Scheme	Platform
`[1.16,*]`	affected	generic	—
`[27.0,*]`	affected	generic	—
`2b1a742c651b90f8a7a1fb2ddde73f29915ea376`	affected	code_commit	—

Erlang

Otp

100%

Version	Status	Scheme	Platform
`[1.16,*]`	affected	generic	—

Erlang

Otp

100%

Version	Status	Scheme	Platform
`[27.0,*]`	affected	generic	—
`2b1a742c651b90f8a7a1fb2ddde73f29915ea376`	affected	code_commit	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

Vendor Workaround

* For TLS clients using the ssl application, disable OCSP stapling by setting {stapling, no_staple} in the client options, or switch to CRL-based revocation checking with {crl_check, true}. * For applications calling public_key:pkix_ocsp_validate/5 directly, validate the responder certificate's validity period in application code before calling the function.

OpenCVE Recommended Actions

Upgrade Erlang/OTP to the latest release that includes the pubkey_ocsp patch (e.g., OTP 27.3.4.12, 28.5.0.2, or 29.0.1.1 or newer).
If an upgrade cannot be performed immediately, configure TLS clients to disable OCSP stapling by setting {stapling, no_staple} in the ssl options, or enable CRL‑based revocation checking with {crl_check, true}.
For applications that call public_key:pkix_ocsp_validate/5 directly, add explicit validation of the responder certificate’s validity period in your code before invoking the function.

Generated by OpenCVE AI on May 27, 2026 at 16:17 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity High

Privileges Required None

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact Low

Subsequent System Integrity Impact Low

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://cna.erlef.org/cves/CVE-2026-42791.html
https://github.com/erlang/otp/commit/7995f1fdaee3da569bb810358ce0f546471d169b
https://github.com/erlang/otp/commit/b3870e02405c709a872b01ba6086065620cdfe76
https://github.com/erlang/otp/security/advisories/GHSA-cjxj-wj6x-3fff
https://osv.dev/vulnerability/EEF-CVE-2026-42791
https://www.erlang.org/doc/system/versions.html#order-of-versions

History

Wed, 27 May 2026 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Erlang erlang/otp Erlang otp
Vendors & Products		Erlang erlang/otp Erlang otp

Wed, 27 May 2026 16:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 27 May 2026 14:15:00 +0000

Type	Values Removed	Values Added
Description		Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkey_ocsp:verify_response/5 and pubkey_ocsp:is_authorized_responder/3 in lib/public_key/src/pubkey_ocsp.erl does not check the validity period (notBefore/notAfter) of the OCSP responder certificate. An attacker who has obtained the private key of an expired CA-designated OCSP responder certificate can forge OCSP responses that Erlang/OTP accepts as valid. This affects TLS clients using OCSP stapling via the ssl application: a malicious or compromised server can present a revoked TLS certificate together with a forged OCSP response signed by an expired responder key, and the client will accept the revoked certificate as valid. It also affects applications calling public_key:pkix_ocsp_validate/5 directly, where the impact depends on the use case — server-side client certificate validation using this API may allow authentication bypass with a revoked client certificate. This issue affects OTP from OTP 27.0 before OTP 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.16 before 1.17.1.3, 1.20.3.1, and 1.21.1.
Title		OCSP responder certificate validity period not checked in public_key
First Time appeared		Erlang Erlang erlang\/otp
Weaknesses		CWE-295 CWE-672
CPEs		cpe:2.3:a:erlang:erlang\/otp::::::::
Vendors & Products		Erlang Erlang erlang\/otp
References		https://cna.erlef.org/cves/CVE-2026-42791.html https://github.com/erlang/otp/commit/7995f1fdaee3da569bb810358ce0f546471d169b https://github.com/erlang/otp/commit/b3870e02405c709a872b01ba6086065620cdfe76 https://github.com/erlang/otp/security/advisories/GHSA-cjxj-wj6x-3fff https://osv.dev/vulnerability/EEF-CVE-2026-42791 https://www.erlang.org/doc/system/versions.html#order-of-versions
Metrics		cvssV4_0 `{'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N'}`

Subscriptions

Erlang Erlang/otp Erlang\/otp Otp

MITRE

Status: PUBLISHED

Assigner: EEF

Published: 2026-05-27T12:23:13.584Z

Updated: 2026-05-27T15:41:07.758Z

Reserved: 2026-04-29T18:06:33.251Z

Link: CVE-2026-42791

Vulnrichment

Updated: 2026-05-27T15:40:33.572Z

NVD

Status : Received

Published: 2026-05-27T14:16:53.460

Modified: 2026-05-27T14:16:53.460

Link: CVE-2026-42791

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-27T16:30:36Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity High

Privileges Required None

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact Low

Subsequent System Integrity Impact Low

Subsequent System Availability Impact None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object