CVE-2026-27145

MEDIUM

Inefficient candidate hostname parsing in crypto/x509

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-27145. PoCs published by HORKimhab.

AI-analyzed exploit summary: The repository contains no functional exploit code, only a template README with generic usage instructions and a placeholder file structure. No technical details about CVE-2026-27145 are provided.

Description

(*x509.Certificate).VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries, so strings.Split(host, ".") was executed once per SAN entry on the same input hostname. With a large DNS SAN list, verification cost therefore scaled with the number of SAN entries multiplied by the hostname's label count. Because x509.Verify validates hostnames before building the certificate chain, this overhead was incurred even for untrusted certificates.

Exploits (1)

github STUB
by HORKimhab · poc
https://github.com/HORKimhab/CVE-2026-27145

Classification
Stub 95%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: unspecified
No auth needed
devstral-2 · analyzed Jun 03, 2026

Scores

CVSS v3 6.5
EPSS 0.0001
EPSS Percentile 1.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

Status published
Products (2)
Go standard library/crypto/x509 < 1.25.11
Go standard library/crypto/x509 1.26.0-0 - 1.26.4
Published Jun 02, 2026
Tracked Since Jun 03, 2026