CVE Catalog
CVE-2026-8286
UnknownSummary
A vulnerability allows reusing an existing live connection for a new transfer using STARTTLS even when the TLS configuration mismatches. This could lead to unauthorized data access or man-in-the-middle attacks.
Risk Assessment
The organization is at risk of data interception or modification, as TLS connections may be incorrectly shared across different security contexts.
Recommendation
Immediately update to a patched version of the software and enforce strict TLS configuration matching before reusing connections.
Original NVD description (English source)
A vulnerability exists where a new transfer that uses STARTTLS to upgrade the connection might reuse an existing live connection even though the TLS configuration mismatches so it should not.

