Vulnerability in Erlang Otp

CVE-2026-32144

Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in public_key:pkix_ocsp_val…

Vulnerability class: Improper Certificate Validation

EPSS: 0.000 (11.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References