CVE-2026-27137

HIGH

Security Bulletin: IBM App Connect Enterprise Certified Container operator and IntegrationRuntime & IntegrationServer operands are vulnerable to loss of confidentiality (CVE-2026-27137) and denial of service (CVE-2026-27138)

Details

CVSS v3: 7.5
NVD published: 2026-03-06 22:16:00
EPSS: <0.1% probability · 3.2th percentile — 2026-04-23
Affected versions: cpe:2.3:a:golang:go:1.26.0:*:*:*:*:*:*:*
Summary: When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.
Remediation: Not available in our cache.
Exploit info: Not available in our cache.

View on NVD

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.