What is CVE-2026-6899?

CVE-2026-6899 is a medium-severity vulnerability, classified under Improper Check for Certificate Revocation. CVSS score: 5.6/10. Published 2026-06-09.

How severe is CVE-2026-6899?

Medium severity. CVSS v3 base score is 5.6 out of 10.

CVE-2026-6899

CVE-2026-6899

Check for certificate revocation only considers the first matching CRL and ignores other valid CRLs of the same CA in the CycloneCrypto cryptographic wrapper of S2OPC library. It might allow connection between an OPC UA client and server u…

CVSS v3 metric

CVSS v3 base score 5.6 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L.

Weakness classification (CWE)

CWE-299 — Improper Check for Certificate Revocation

References

cve@gitlab.com

Frequently asked questions

What is CVE-2026-6899?: CVE-2026-6899 is a medium-severity vulnerability, classified under Improper Check for Certificate Revocation. CVSS score: 5.6/10. Published 2026-06-09.
How severe is CVE-2026-6899?: Medium severity. CVSS v3 base score is 5.6 out of 10.