A high-severity authentication bypass vulnerability in GnuTLS’s RSA-PSK implementation, tracked as CVE-2026-42010, was publicly disclosed in late April 2026. The flaw allows a remote attacker to inject a NUL byte during the TLS handshake and completely bypass certificate-based mutual authentication. Microsoft’s Security Update Guide has already listed the CVE, signaling potential impact on Windows servers or environments where GnuTLS libraries are deployed. Organizations that rely on RSA-PSK cipher suites for securing server-to-server or IoT communications must act now to mitigate the risk.
The core issue resides in how GnuTLS processes the Pre-Shared Key (PSK) identity within RSA-PSK handshakes. RSA-PSK combines RSA key exchange with a pre-shared symmetric key, offering an extra layer of security beyond standard certificate validation. When a client initiates a connection, it sends a PSK identity string as part of the ClientKeyExchange message. The server must verify this identity and ensure it matches the PSK paired with the RSA certificate presented. However, CVE-2026-42010 reveals that GnuTLS improperly handles NUL bytes (\x00) embedded inside that identity string. By inserting a NUL byte at a strategic position, an attacker can cause the library to truncate the identity comparison prematurely, leaving the server to accept an attacker-supplied certificate without verifying the PSK association.
In a typical exploit scenario, an attacker who controls a TLS client can craft a malicious ClientKeyExchange message. They append a NUL byte after a legitimate PSK identity, followed by arbitrary data. GnuTLS’s internal function, tasked with locating the shared secret for the presented identity, performs a string comparison that stops at the NUL byte. As a result, the server may match the truncated identity against a valid PSK entry—while the remaining part of the identity string is ignored. This mismatch effectively decouples the PSK from the RSA certificate chain, allowing the attacker to present any certificate they possess, even if it is not paired with the expected shared key. In essence, the server no longer correctly enforces the mutual trust model of RSA-PSK.
RSA-PSK is not the most common TLS cipher suite, but it finds use in specialized environments: industrial control systems, MQTT brokers, VPN concentrators, and certain cloud services that require both RSA certificate validation and a pre-shared key for defense-in-depth. Administrators who have configured their servers with ciphers like TLS_RSA_PSK_WITH_AES_128_CBC_SHA or TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 must investigate their exposure. The CVSS 3.1 base score for CVE-2026-42010 is estimated at 8.1 (High), with a vector string indicating low attack complexity and no user interaction. Network-based attackers can exploit the flaw without prior authentication, making it particularly dangerous for internet-facing services.
The vulnerability was disclosed through coordinated channels, with contributions from a security researcher who reported it to the GnuTLS team and CERT/CC. Microsoft’s inclusion in the Security Update Guide (SUG) on April 28, 2026, raises important questions about Windows-specific impact. While Windows itself uses Schannel as its TLS provider and does not ship GnuTLS as a core component, many third-party applications on Windows bundle GnuTLS: Git for Windows, the Chocolatey package manager, various VPN clients, and cross-platform development tools often rely on it. Moreover, Windows Subsystem for Linux (WSL) distributions include GnuTLS in their userland, potentially exposing services running inside Linux VMs to the flaw if they accept TLS connections. Microsoft’s tracking of the CVE suggests that the company has either identified affected products in its own portfolio or wants to ensure Windows customers are aware of the risk when using software that depends on the vulnerable library.
Administrators should immediately audit all Windows and Linux servers for GnuTLS installations. On Windows, check directories under C:\Program Files\ for gnutls.dll or use PowerShell’s Get-Command to locate executables linked to libgnutls. On WSL instances, run dpkg -l | grep gnutls or rpm -qa | grep gnutls to list installed packages. GnuTLS versions prior to 3.8.8 and 3.7.10 are known to be affected. The GnuTLS project has released hotfix versions 3.8.9 and 3.7.11, which correct the NUL-byte handling in the internal function _gnutls_psk_client_get_session. Update all instances to these patched releases as soon as possible.
For environments where immediate patching is not feasible, mitigation revolves around disabling RSA-PSK cipher suites entirely. This can be done in the GnuTLS priority string configuration: remove any cipher starting with TLS_RSA_PSK. Application-level settings, such as the --ciphers argument in curl or the SSLCipherSuite directive in Apache, must be reviewed. However, simply disabling the cipher may break legitimate connections that rely on it, so a thorough testing cycle is essential. Network intrusion detection rules can also be deployed to detect anomalous ClientKeyExchange messages containing NUL bytes in the PSK identity field; tools like Snort or Suricata can be configured with a pattern-matching rule until patches are applied.
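The detection idea in the paragraph above, expressed as a small parser rather than an IDS rule, as an added example that is not from the article or from GnuTLS. It assumes the RFC 4279 layout of an RSA-PSK ClientKeyExchange body (a 16-bit length prefix, the psk_identity bytes, then the encrypted premaster secret) and flags any identity that carries an embedded NUL byte or a length prefix that runs past the end of the message. The three sample bodies are constructed for the example, not captured traffic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Verdicts for one RSA-PSK ClientKeyExchange body. */
enum cke_verdict {
    CKE_OK = 0,            /* well-formed, identity contains no NUL bytes */
    CKE_TRUNCATED = 1,     /* length prefix runs past the end of the body */
    CKE_EMBEDDED_NUL = 2   /* NUL byte inside psk_identity: flag for review */
};

/* Parse the length-prefixed psk_identity at the start of the body
 * (RFC 4279 layout assumed: uint16 length, identity bytes, then the
 * encrypted premaster secret) and scan it for embedded NUL bytes.
 * *nul_pos receives the offset of the first NUL inside the identity,
 * or the identity length when there is none. */
enum cke_verdict inspect_rsa_psk_cke(const uint8_t *body, size_t body_len,
                                     size_t *nul_pos)
{
    if (body_len < 2) return CKE_TRUNCATED;
    size_t id_len = ((size_t)body[0] << 8) | body[1];
    if (id_len > body_len - 2) return CKE_TRUNCATED;   /* claims more than it carries */
    const uint8_t *id = body + 2;
    for (size_t i = 0; i < id_len; i++) {
        if (id[i] == 0x00) {
            if (nul_pos) *nul_pos = i;
            return CKE_EMBEDDED_NUL;
        }
    }
    if (nul_pos) *nul_pos = id_len;
    return CKE_OK;
}

/* Constructed sample bodies (not real captures). The premaster-secret part
 * is shortened to four placeholder bytes; only the identity is inspected. */
static const uint8_t BENIGN_CKE[] = {
    0x00, 0x09, 's','e','n','s','o','r','-','0','1',
    0x00, 0x04, 0xAA, 0xBB, 0xCC, 0xDD
};
static const uint8_t SUSPICIOUS_CKE[] = {
    0x00, 0x0E, 's','e','n','s','o','r','-','0','1', 0x00, 'j','u','n','k',
    0x00, 0x04, 0xAA, 0xBB, 0xCC, 0xDD
};
static const uint8_t MALFORMED_CKE[] = { 0x00, 0x40, 'x' };  /* claims 64 identity bytes, carries 1 */

static const char *verdict_name(enum cke_verdict v)
{
    switch (v) {
    case CKE_OK:           return "ok";
    case CKE_TRUNCATED:    return "truncated/malformed";
    default:               return "embedded NUL in psk_identity";
    }
}

int main(void)
{
    size_t pos;
    printf("benign:     %s\n", verdict_name(inspect_rsa_psk_cke(BENIGN_CKE, sizeof BENIGN_CKE, &pos)));
    printf("suspicious: %s (offset %zu)\n",
           verdict_name(inspect_rsa_psk_cke(SUSPICIOUS_CKE, sizeof SUSPICIOUS_CKE, &pos)), pos);
    printf("malformed:  %s\n", verdict_name(inspect_rsa_psk_cke(MALFORMED_CKE, sizeof MALFORMED_CKE, NULL)));
    return 0;
}
```

The check runs on the handshake body after record and handshake framing have been removed; a sensor that only sees the TLS record layer would need to locate the ClientKeyExchange message first. Because the identity is length-prefixed on the wire, a NUL byte inside it is never legitimate for a text identity and is a reasonable thing to alert on, and the length check catches messages that would not parse at all.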
The broader context of TLS vulnerabilities is reminiscent of past NUL-byte attacks. In 2009, Mozilla’s NSS library suffered from CVE-2009-2408, where a NUL byte in a certificate’s Common Name allowed bypassing hostname verification. OpenSSL has seen similar issues, such as CVE-2013-4242, which involved GnuTLS’s own certificate verification being fooled by NUL characters in the serial number. These flaws persist because string handling in C-based libraries often relies on functions such as strcmp() or strlen() that treat the first NUL byte as the end of the string, which can be tricked if untrusted input contains early terminators. Modern TLS libraries have gradually migrated to length-aware comparisons (memcmp()), but legacy code paths—like the PSK identity handling in GnuTLS—still harbored this dangerous pattern.
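The truncated comparison described in the exploit scenario earlier and the strcmp()/memcmp() contrast in this paragraph, shown side by side as an added example. This is not GnuTLS code and does not reproduce the library’s internal function; it is a generic PSK table lookup with a constructed two-entry table, a constructed crafted identity, and two lookup routines: one built on the NUL-terminated pattern and one that compares lengths and bytes explicitly.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Constructed PSK table for the example. Each identity is stored with an
 * explicit length, as the wire format requires: the psk_identity field in
 * ClientKeyExchange is length-prefixed, not NUL-terminated. */
struct psk_entry {
    const char *identity;
    size_t identity_len;
    const char *key_hex;   /* stand-in for the shared secret */
};

static const struct psk_entry PSK_TABLE[] = {
    { "sensor-01", 9, "0a0b0c0d" },
    { "gateway-7", 9, "deadbeef" },
};
#define PSK_TABLE_LEN (sizeof PSK_TABLE / sizeof PSK_TABLE[0])

/* Vulnerable pattern: the wire identity is copied into a C string and
 * compared with strcmp(), which stops at the first NUL byte. The 14-byte
 * identity "sensor-01\0junk" therefore compares equal to "sensor-01". */
const char *lookup_psk_vulnerable(const unsigned char *id, size_t id_len)
{
    char buf[64];
    if (id_len >= sizeof buf) return NULL;
    memcpy(buf, id, id_len);
    buf[id_len] = '\0';
    for (size_t i = 0; i < PSK_TABLE_LEN; i++)
        if (strcmp(buf, PSK_TABLE[i].identity) == 0)
            return PSK_TABLE[i].key_hex;
    return NULL;
}

/* Length-aware pattern: lengths must match exactly and every byte is
 * compared with memcmp(), so an embedded NUL cannot shorten the comparison. */
const char *lookup_psk_safe(const unsigned char *id, size_t id_len)
{
    for (size_t i = 0; i < PSK_TABLE_LEN; i++) {
        if (PSK_TABLE[i].identity_len != id_len) continue;
        if (memcmp(id, PSK_TABLE[i].identity, id_len) == 0)
            return PSK_TABLE[i].key_hex;
    }
    return NULL;
}

/* Constructed identity in the shape the article describes: a valid
 * identity, a NUL byte, then arbitrary trailing bytes (14 bytes in total). */
static const unsigned char CRAFTED_ID[] = "sensor-01\0junk";
#define CRAFTED_ID_LEN (sizeof CRAFTED_ID - 1)  /* exclude the literal's own terminator */

int main(void)
{
    const char *v = lookup_psk_vulnerable(CRAFTED_ID, CRAFTED_ID_LEN);
    const char *s = lookup_psk_safe(CRAFTED_ID, CRAFTED_ID_LEN);
    printf("strcmp-based lookup: %s\n", v ? v : "(no match)");
    printf("memcmp-based lookup: %s\n", s ? s : "(no match)");
    return 0;
}
```

The safe variant matches "sensor-01" only when exactly nine bytes arrive; any identity of a different length, including one padded after a NUL, is rejected before a byte is compared. Checking the length first is also what makes memcmp() safe to call, since it reads exactly the number of bytes both sides agree on.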
The disclosure timeline indicates that the vulnerability was reported privately on April 2, 2026. Vendors received a draft advisory on April 14, giving them two weeks to prepare. Microsoft published its SUG entry on April 28, aligning with the public disclosure. The researcher has not released a detailed exploit, but proof-of-concept code is expected to appear shortly, increasing the urgency for patching. At press time, no known in-the-wild exploitation had been observed, but the window is closing quickly.
Enterprise administrators handling hybrid Windows-Linux environments face additional complexity. For example, a Windows Server running an application server in a Docker container based on Alpine Linux may expose a TLS endpoint that uses GnuTLS within the container. Because Microsoft tracks the CVE, it may also release updates for Windows Defender or other security tools that scan for vulnerable binaries, similar to how it handled Heartbleed. The Microsoft Security Update Guide does not list any specific Microsoft patches, but it does reference the CVE as a “publicly disclosed vulnerability” that Windows users should be aware of when configuring third-party software.
Looking ahead, the GnuTLS maintainers have committed to a broader refactoring of the PSK identity handling to avoid similar issues in the future. The patch for CVE-2026-42010 not only fixes the NUL-byte truncation but also introduces unit tests specifically for NUL injection in identity strings. This proactive approach, coupled with static analysis improvements, should reduce the risk of analogous flaws in other parts of the codebase. Microsoft’s SUG tracking may also foster better coordination between the Windows ecosystem and the open-source TLS community, which is crucial as containerization and cross-platform deployments blur the lines between operating systems.
For the average Windows enthusiast running a personal server or developing applications that use GnuTLS, the message is clear: check your software dependencies. Use dependency scanning tools like Dependabot, OWASP Dependency-Check, or Snyk to alert you to vulnerable GnuTLS versions. If you maintain a custom build of an application that links statically to GnuTLS, re-link with the patched version. Failure to do so could allow a malicious actor to intercept or spoof encrypted communications, leading to data theft, command injection, or lateral movement within a network.
Microsoft’s Security Update Guide serves as a valuable early-warning system for Windows-centric IT teams. While the guide itself is not a patch, it aggregates vulnerability information that might affect Microsoft products or commonly used third-party components. Bookmarking the page for CVE-2026-42010 and checking it regularly for updates should be part of any security response plan. As of this writing, no Microsoft-specific bulletin has been issued, but administrators should watch for any future KB articles that address the CVE in relation to Windows Defender Application Guard, WSL, or other features.
In closing, CVE-2026-42010 is a textbook example of how a single mishandled NUL byte can undermine a multi-layered authentication mechanism. The RSA-PSK flaw in GnuTLS underscores the need for rigorous input validation in all security-sensitive string operations. While patches are available and the cipher suite in question is somewhat niche, the high severity demands prompt action. Windows administrators, in particular, should not dismiss this as a Linux-only issue—cross-platform tools and WSL make GnuTLS a silent guest on many Windows machines. Update all instances of GnuTLS to version 3.8.9 or 3.7.11 now, disable RSA-PSK where possible, and stay tuned to Microsoft’s advisory channels for any Windows-specific developments.