HIGH
ongres
CVE published 2026-07-17
CVE-2026-53712
A flaw in the SCRAM authentication mechanism, part of the Simple Authentication and Security Layer (SASL), allows a man-in-the-middle attacker to silently downgrade a connection from SCRAM-SHA-256-PLUS with channel binding to standard SCRAM-SHA-256 without channel binding. This occurs when TlsServerEndpoint processes an X.509 certificate using a modern signature algorithm such as Ed25519, causing getChann [truncated]