CVE-2026-1584 — Vulnetix

CVE-2026-1584 PUBLISHED CVSS 7.5 HIGH

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and resulting in a remote Denial of Service (DoS) condition.

EPSS 0.11% · 28.9th percentile

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.11%

28.9th percentile

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat Enterprise Linux 6
Red Hat	Red Hat OpenShift Container Platform 4
GnuTLS	GnuTLS
Red Hat	Red Hat Hardened Images
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Enterprise Linux 10
Red Hat	Red Hat Enterprise Linux 9
Red Hat	Red Hat Enterprise Linux 8

Exploit Intelligence

CIRCL seen: CVE-2026-1584 (circl-sighting)
CIRCL seen: CVE-2026-1584 (circl-sighting)
CIRCL seen: CVE-2026-1584 (circl-sighting)
CIRCL seen: CVE-2026-1584 (circl-sighting)
https://access.redhat.com/security/cve/CVE-2026-1584 (circl)
RHBZ#2435258 (circl)

Timeline

Feb 9, 2026 PoC Published
Feb 9, 2026 PoC Published
Feb 10, 2026 CVE Published
Feb 10, 2026 PoC Published
Feb 12, 2026 PoC Published
Apr 10, 2026 Security Advisory
May 4, 2026 Distribution Patch
May 4, 2026 Security Advisory
May 18, 2026 EPSS Score
May 19, 2026 EPSS Score
May 20, 2026 EPSS Score
May 21, 2026 EPSS Score

References

https://access.redhat.com/security/cve/CVE-2026-1584 vdb
RHBZ#2435258 issue
https://www.gnutls.org/security-new.html#GNUTLS-SA-2026-02-09-1 advisory
https://www.gnutls.org/security-new.html#GNUTLS-SA-2026-02-09-2 advisory
https://nvd.nist.gov/vuln/detail/CVE-2026-1584 advisory
https://advisory.splunk.com/advisories/SVD-2026-0512 advisory
https://advisory.splunk.com/advisories/SVD-2026-0513 advisory
https://advisory.splunk.com/advisories/SVD-2026-0509 advisory
https://advisory.splunk.com/advisories/SVD-2026-0510 advisory
https://advisory.splunk.com/advisories/SVD-2026-0505 advisory
https://advisory.splunk.com/advisories/SVD-2026-0515 advisory
https://advisory.splunk.com/advisories/SVD-2026-0507 advisory
https://advisory.splunk.com/advisories/SVD-2026-0506 advisory
https://advisory.splunk.com/advisories/SVD-2026-0508 advisory
https://advisory.splunk.com/advisories/SVD-2026-0504 advisory
https://advisory.splunk.com/advisories/SVD-2026-0514 advisory
https://advisory.splunk.com/advisories/SVD-2026-0516 advisory
https://advisory.splunk.com/advisories/SVD-2026-0501 advisory
https://advisory.splunk.com/advisories/SVD-2026-0503 advisory
https://advisory.splunk.com/advisories/SVD-2026-0511 advisory

…and 1 more

Open in Interactive Console →