CVE-2026-45388

Vulnerability Description

In OCaml-TLS before 2.1.0, the client implementation does insufficient checks of the certificate provided by the server, which allows impersonation with certificates that are not meant for server authentication (because of KeyUsage and ExtendedKeyUsage).

Vulnerability Details

Published Date

June 15, 2026

Last Modified

June 15, 2026

Source

NVD

External References

https://osv.dev/vulnerability/OSEC-2026-06

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment