CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-6412

mediumCVSS 4.3covered by 2 sourcesfirst seen 2026-06-09
Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing.

CSIRTS triage

Other
What
The vulnerability involves the continued acceptance of SHA-1/MD5 digests in certificate processing.
Who is affected
Deployments using affected certificate processing methods.
Urgency
Remediation is medium urgency due to the potential for exploitation in certain contexts.
Action
Review and update certificate processing methods to avoid SHA-1/MD5 digests.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-6412

Get an email if CVE-2026-6412 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (2)

External references

NVD record for CVE-2026-6412

CVE.org record

Embed the live status

CVE-2026-6412 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-6412 status](https://www.csirts.com/badge/CVE-2026-6412)](https://www.csirts.com/cve/CVE-2026-6412)