Skip to main content
Version: v1.1.x

CVE-2026-42505

CVE Details

Visit the official vulnerability details page for CVE-2026-42505 to learn more.

Initial Publication

07/08/2026

Last Update

07/08/2026

Third Party Dependency

go

NIST CVE Summary

Handshakes which used Encrypted Client Hello could be de-anonymized by a passive network observer due to a disclosure of pre-shared key identities in the unencrypted client hello.

CVE Severity

5.3

Our Official Summary

Investigation is ongoing to determine how this vulnerability affects our products.

Status

Received

Affected Products & Versions

VersionPaletteAIPaletteAI VerteX
1.1.6⚠️ Impacted⚠️ Impacted
1.0.7⚠️ Impacted⚠️ Impacted

Revision History

No revisions available.