Main Vulnerability Database SB2026041427

SB2026041427 - IBM z/Transaction Processing Facility update for cryptography

Published: April 14, 2026

Security Bulletin ID SB2026041427

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Certificate Validation (CVE-ID: CVE-2026-34073)

The vulnerability allows a remote attacker to bypass certificate name constraints validation.

The vulnerability exists due to improper certificate validation in the X.509 certificate validation logic when validating a peer name against a wildcard SAN certificate chain. A remote attacker can present a crafted certificate chain to bypass certificate name constraints validation.

Exploitation requires an uncommon X.509 topology involving an excluded subtree constraint that matches the peer name.

Remediation

Install update from vendor's website.

References

https://www.ibm.com/support/pages/node/7269270