When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33810.json
https://pkg.go.dev/vuln/GO-2026-4866
https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
https://bugzilla.redhat.com/show_bug.cgi?id=2456335
https://access.redhat.com/security/cve/CVE-2026-33810
https://access.redhat.com/errata/RHSA-2026:9385
https://access.redhat.com/errata/RHSA-2026:7291
https://access.redhat.com/errata/RHSA-2026:36796
https://access.redhat.com/errata/RHSA-2026:36651
https://access.redhat.com/errata/RHSA-2026:34365
https://access.redhat.com/errata/RHSA-2026:29854
https://access.redhat.com/errata/RHSA-2026:28047
https://access.redhat.com/errata/RHSA-2026:26585
https://access.redhat.com/errata/RHSA-2026:26571
https://access.redhat.com/errata/RHSA-2026:26568
https://access.redhat.com/errata/RHSA-2026:25089
https://access.redhat.com/errata/RHSA-2026:24478
https://access.redhat.com/errata/RHSA-2026:23345
https://access.redhat.com/errata/RHSA-2026:22962
https://access.redhat.com/errata/RHSA-2026:22961
https://access.redhat.com/errata/RHSA-2026:22960
https://access.redhat.com/errata/RHSA-2026:22959
https://access.redhat.com/errata/RHSA-2026:22958
https://access.redhat.com/errata/RHSA-2026:22862
https://access.redhat.com/errata/RHSA-2026:22485
https://access.redhat.com/errata/RHSA-2026:22347
https://access.redhat.com/errata/RHSA-2026:21772
https://access.redhat.com/errata/RHSA-2026:21769
https://access.redhat.com/errata/RHSA-2026:19721
https://access.redhat.com/errata/RHSA-2026:19720
https://access.redhat.com/errata/RHSA-2026:19719
https://access.redhat.com/errata/RHSA-2026:19353
https://access.redhat.com/errata/RHSA-2026:19144
https://access.redhat.com/errata/RHSA-2026:19135
https://access.redhat.com/errata/RHSA-2026:14391
https://access.redhat.com/errata/RHSA-2026:13545
https://access.redhat.com/errata/RHSA-2026:10158
https://access.redhat.com/errata/RHSA-2026:10155