Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkey_ocsp:verify_response/5 and pubkey_ocsp:is_authorized_responder/3 in lib/public_key/src/pubkey_ocsp.erl does not check the validity period (notBefore/notAfter) of the OCSP responder certificate. An attacker who has obtained the private key of an expired CA-designated OCSP responder certificate can forge OCSP responses that Erlang/OTP accepts as valid. This affects TLS clients using OCSP stapling via the ssl application: a malicious or compromised server can present a revoked TLS certificate together with a forged OCSP response signed by an expired responder key, and the client will accept the revoked certificate as valid. It also affects applications calling public_key:pkix_ocsp_validate/5 directly, where the impact depends on the use case — server-side client certificate validation using this API may allow authentication bypass with a revoked client certificate. This issue affects OTP from OTP 27.0 before OTP 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.16 before 1.17.1.3, 1.20.3.1, and 1.21.1.

An update of the erlang package has been released.

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20907-1 advisory.

    This update for erlang fixes the following issues

    - CVE-2025-4748: improper limitation of a pathname may lead to path traversal (bsc#1244642).
    - CVE-2026-32147: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in SFTP     chroot       (bsc#1262503).
    - CVE-2026-42789: `public_key` application accepts non-CA certificates as intermediate issuers and this     enables chain       forgery (bsc#1266449).
    - CVE-2026-42790: Name Constraints and Subject CommonName fallback in TLS hostname verification allows for     certificate       forgery by MITM attacker (bsc#1266466).
    - CVE-2026-42791: OCSP response verification in the `public_key` application does not check the validity     period of the       OCSP responder certificate and allows for OCSP response response forgery (bsc#1266448).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Erlang/OTP installed on the remote host is 27.0 prior to 27.3.4.12, 28.0 prior to 28.5.0.1, or 29.0 prior to 29.0.1. It is, therefore, affected by a vulnerability:

  - Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module)     allows forged OCSP responses signed with an expired responder certificate to be accepted     as valid. (CVE-2026-42791)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged     OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response     verification in pubkey_ocsp:verify_response/5 and pubkey_ocsp:is_authorized_responder/3 in     lib/public_key/src/pubkey_ocsp.erl does not check the validity period (notBefore/notAfter) of the OCSP     responder certificate. An attacker who has obtained the private key of an expired CA-designated OCSP     responder certificate can forge OCSP responses that Erlang/OTP accepts as valid. This affects TLS clients     using OCSP stapling via the ssl application: a malicious or compromised server can present a revoked TLS     certificate together with a forged OCSP response signed by an expired responder key, and the client will     accept the revoked certificate as valid. It also affects applications calling     public_key:pkix_ocsp_validate/5 directly, where the impact depends on the use case  server-side client     certificate validation using this API may allow authentication bypass with a revoked client certificate.
    This issue affects OTP from OTP 27.0 before OTP 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to     public_key from 1.16 before 1.17.1.3, 1.20.3.1, and 1.21.1. (CVE-2026-42791)

Note that Nessus relies on the presence of the package as reported by the vendor.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9357d6fb-5a54-11f1-b886-4c526214c986 advisory.

    https://github.com/erlang/otp/security/advisories/GHSA-cjxj-wj6x-3fff reports:
    Erlang/OTP's public_key application fails to validate the               validity period of OCSP responder certificates during               response verification. An attacker possessing an expired               OCSP responder's private key can forge responses that the               system accepts as valid, potentially allowing acceptance of               revoked TLS certificates in OCSP stapling scenarios or               authentication bypass in applications using the               public_key:pkix_ocsp_validate/5 API directly.

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
321790	Photon OS 5.0: Erlang PHSA-2026-5.0-0883	Nessus	PhotonOS Local Security Checks	high
320423	openSUSE 16 Security Update : erlang (openSUSE-SU-2026:20907-1)	Nessus	SuSE Local Security Checks	high
317740	Erlang/OTP 27.0 < 27.3.4.12 / 28.0 < 28.5.0.1 / 29.0 < 29.0.1 OCSP Expired Responder Certificate Bypass (CVE-2026-42791)	Nessus	Misc.	medium
317587	Linux Distros Unpatched Vulnerability : CVE-2026-42791	Nessus	Misc.	medium
317387	FreeBSD : Erlang/OTP -- OCSP responder certificate accepted after expiry in public_key (9357d6fb-5a54-11f1-b886-4c526214c986)	Nessus	FreeBSD Local Security Checks	medium

Detections

Analytics

CVE-2026-42791

medium

Tenable Plugins

high

high

medium

medium

medium