PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-42791 Erlang CVE debrief

A certificate validation flaw in Erlang/OTP's public_key library allows attackers to forge OCSP responses using expired responder certificates, potentially bypassing certificate revocation checks in TLS clients and authentication systems.

Vendor: Erlang
Product: OTP
CVSS: MEDIUM 6.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-27
Original CVE updated: 2026-05-27
Advisory published: 2026-05-27
Advisory updated: 2026-05-27

Who should care

Organizations running Erlang/OTP-based TLS clients with OCSP stapling enabled; developers using public_key:pkix_ocsp_validate/5 for certificate revocation checking; certificate authorities and PKI operators managing OCSP infrastructure; security teams monitoring for certificate validation bypasses in Erlang applications.

Technical summary

The vulnerability exists in the pubkey_ocsp module of Erlang/OTP's public_key library. The functions verify_response/5 and is_authorized_responder/3 perform OCSP response verification without checking whether the OCSP responder certificate is currently valid (within its notBefore/notAfter validity period). An attacker who possesses the private key of an expired CA-designated OCSP responder certificate can cryptographically sign forged OCSP responses that indicate a revoked certificate is valid. Because Erlang/OTP accepts these responses, TLS clients using OCSP stapling may accept revoked server certificates, and applications performing client certificate validation via public_key:pkix_ocsp_validate/5 may allow authentication bypass with revoked client certificates. The CVSS 4.0 vector indicates network attack vector, high attack complexity, and low integrity impact to the vulnerable system with low subsequent impacts to confidentiality and integrity.
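The check the summary describes as missing, modelled in Python as an added illustration (this is not Erlang/OTP code and does not reproduce the public_key implementation or its fix). The validity-time parser follows RFC 5280's UTCTime/GeneralizedTime rules; the certificate and response records, the names and dates, and the `max_skew` tolerance are constructed for the example. The unchecked variant is included only so the two decisions can be compared on the same input.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


def parse_x509_time(tag: str, value: str) -> datetime:
    """Decode an X.509 validity time per RFC 5280 section 4.1.2.5.

    UTCTime is YYMMDDHHMMSSZ (two-digit years 50..99 mean 19xx, 00..49 mean
    20xx); GeneralizedTime is YYYYMMDDHHMMSSZ. Both must be UTC ('Z').
    """
    if not value.endswith("Z"):
        raise ValueError("validity time must be in UTC (trailing 'Z')")
    if tag == "utcTime" and len(value) == 13:
        yy = int(value[0:2])
        year = 1900 + yy if yy >= 50 else 2000 + yy
        rest = value[2:12]
    elif tag == "generalTime" and len(value) == 15:
        year = int(value[0:4])
        rest = value[4:14]
    else:
        raise ValueError(f"malformed {tag} value {value!r}")
    month, day, hour, minute, second = (int(rest[i:i + 2]) for i in range(0, 10, 2))
    return datetime(year, month, day, hour, minute, second, tzinfo=timezone.utc)


@dataclass(frozen=True)
class ResponderCert:
    """Constructed stand-in for a decoded OCSP responder certificate."""
    subject: str
    issuer: str
    not_before: datetime
    not_after: datetime
    ocsp_signing_eku: bool  # id-kp-OCSPSigning present (RFC 6960 4.2.2.2)


@dataclass(frozen=True)
class OCSPResponse:
    """Constructed stand-in for a BasicOCSPResponse; signature_ok is the
    (assumed already computed) result of checking the signature."""
    signer: ResponderCert
    produced_at: datetime
    signature_ok: bool


def unchecked_is_authorized_responder(cert: ResponderCert, issuer_name: str) -> tuple:
    """Responder authorisation that never looks at the validity window:
    the class of defect the advisory describes."""
    if cert.issuer != issuer_name:
        return False, "responder certificate not issued by the certificate's CA"
    if not cert.ocsp_signing_eku:
        return False, "responder certificate lacks id-kp-OCSPSigning"
    return True, "ok"


def is_authorized_responder(cert: ResponderCert, issuer_name: str, now: datetime) -> tuple:
    """Hardened form: the responder certificate must be valid at verification time."""
    ok, reason = unchecked_is_authorized_responder(cert, issuer_name)
    if not ok:
        return ok, reason
    if now < cert.not_before:
        return False, "responder certificate not yet valid"
    if now > cert.not_after:
        return False, "responder certificate expired"
    return True, "ok"


def verify_response(resp: OCSPResponse, issuer_name: str, now: datetime,
                    max_skew: timedelta = timedelta(minutes=5)) -> tuple:
    """Accept a response only from a responder that is authorised *now*.
    producedAt is attacker-controlled in a forged response, so it is checked
    in addition to, never instead of, the validity check at verification time."""
    if not resp.signature_ok:
        return False, "bad signature"
    ok, reason = is_authorized_responder(resp.signer, issuer_name, now)
    if not ok:
        return False, reason
    if resp.produced_at > now + max_skew:
        return False, "producedAt is in the future"
    if not (resp.signer.not_before <= resp.produced_at <= resp.signer.not_after):
        return False, "response produced outside the responder certificate's validity"
    return True, "ok"


def demo() -> dict:
    """Constructed scenario: a delegated responder certificate valid during
    2024 is used to sign a response on 2026-05-27 (the CVE publication date)."""
    ca = "CN=Example CA"
    responder = ResponderCert(
        subject="CN=ocsp.example.test", issuer=ca,
        not_before=parse_x509_time("utcTime", "240101000000Z"),
        not_after=parse_x509_time("utcTime", "250101000000Z"),
        ocsp_signing_eku=True)
    now = parse_x509_time("generalTime", "20260527120000Z")
    in_window = parse_x509_time("utcTime", "240601000000Z")
    forged = OCSPResponse(signer=responder, produced_at=now, signature_ok=True)
    genuine = OCSPResponse(signer=responder, produced_at=in_window, signature_ok=True)
    return {
        "unchecked_accepts_forged": unchecked_is_authorized_responder(responder, ca),
        "hardened_rejects_forged": verify_response(forged, ca, now),
        "hardened_accepts_in_window": verify_response(genuine, ca, in_window),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The point of the two producedAt checks is that a signer who holds only an expired key can write any producedAt they like; the window test at `now` is what actually closes the gap, and the producedAt test merely catches responses that are inconsistent on their face. Teams auditing a custom validator (the last recommended action below) can use the same decision table as a starting point.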

Defensive priority

medium

Recommended defensive actions

  • Upgrade Erlang/OTP to patched versions: OTP 27.3.4.12, 28.5.0.1, or 29.0.1 (corresponding public_key library versions 1.17.1.3, 1.20.3.1, or 1.21.1)
  • If immediate patching is not possible, disable OCSP stapling in TLS client configurations as a temporary mitigation
  • Review applications using public_key:pkix_ocsp_validate/5 directly for security-critical certificate validation and prioritize patching
  • Monitor TLS connections for anomalous certificate validation behavior, particularly where revoked certificates might be accepted
  • Verify OCSP responder certificate validity periods independently if using custom OCSP validation implementations

Evidence notes

CVE published 2026-05-27. Affects Erlang/OTP 27.0 through 27.3.4.11 and public_key library versions 1.16 through 1.17.1.2. Fixed in OTP 27.3.4.12, 28.5.0.1 and 29.0.1, and in public_key 1.17.1.3, 1.20.3.1 and 1.21.1. Root cause: pubkey_ocsp:verify_response/5 and pubkey_ocsp:is_authorized_responder/3 do not check that the OCSP responder certificate's notBefore/notAfter validity period covers the time of verification.

Official resources

2026-05-27