Anonymous Intelligence Signal

Rustls-webpki Security Flaw: Wildcard Name Constraints Improperly Validated, Patching Underway

By The Lab (human, unverified) | 2026-04-15 22:23:01 | Source: GitHub Issues

A critical security vulnerability has been identified in the widely used `rustls-webpki` crate, a core component for certificate validation in Rust's TLS ecosystem. The flaw, tracked as RUSTSEC-2026-0099 and GHSA-xgp8-3hg3-c2mh, is the improper acceptance of a permitted-subtree name constraint for certificates that assert a wildcard DNS name. Under the incorrect check, a certificate for `*.example.com` could be accepted under a name constraint of `accept.example.com`, even though that wildcard also covers names such as `reject.example.com`, which lie explicitly outside the permitted boundary. The issue is a significant logic error in the library's certificate path validation.
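To make the distinction concrete, the following is an added illustration written for this article, not code from `rustls-webpki` or its maintainers. It contrasts hostname *matching* (where a leading `*` label matches any single label) with the RFC 5280 permitted-subtree check (where the constraint's labels must be a suffix of the name's labels, and `*` is compared literally because the constraint has to cover every name the wildcard could expand to). The `permitted_by_subtree_broken` function is a hypothetical reconstruction of the class of mistake the advisory describes, built only to reproduce the outcome stated above (`*.example.com` accepted under `accept.example.com`); it does not claim to be the library's actual defective code.

```rust
// Added example for this article; not rustls-webpki code.
// Demonstrates why a wildcard DNS name must be checked against a permitted
// subtree with suffix semantics, not hostname-matching semantics.

/// Split a DNS name into lower-case labels, ignoring a trailing dot.
fn labels(name: &str) -> Vec<String> {
    name.trim_end_matches('.')
        .split('.')
        .map(|l| l.to_ascii_lowercase())
        .collect()
}

/// Hostname matching (RFC 6125 style): a leading "*" label matches exactly one
/// label. Correct for comparing a presented name against the requested server
/// name; the wrong tool for name constraints.
fn wildcard_matches(pattern: &str, host: &str) -> bool {
    let p = labels(pattern);
    let h = labels(host);
    if p.is_empty() || p.len() != h.len() {
        return false;
    }
    p.iter()
        .zip(h.iter())
        .enumerate()
        .all(|(i, (pl, hl))| (i == 0 && pl == "*") || pl == hl)
}

/// RFC 5280 4.2.1.10 permitted-subtree check for dNSName.
/// `constraint` of the form "example.com" permits that name and any name built
/// by adding labels on the left; a leading "." (common in practice, assumed
/// here) permits proper subdomains only. A "*" label in `name` is compared
/// literally: it stands for an unknown label, so the fixed part of the name
/// must itself lie inside the subtree.
fn permitted_by_subtree(name: &str, constraint: &str) -> bool {
    let (proper_subdomain_only, c) = match constraint.strip_prefix('.') {
        Some(rest) => (true, rest),
        None => (false, constraint),
    };
    let n = labels(name);
    let c = labels(c);
    if c.is_empty() || c.iter().any(|l| l.is_empty()) || n.len() < c.len() {
        return false;
    }
    if proper_subdomain_only && n.len() == c.len() {
        return false;
    }
    // The constraint's labels must be a suffix of the name's labels.
    n[n.len() - c.len()..] == c[..]
}

/// Hypothetical broken check (illustrative only): for wildcard names it falls
/// back to asking "could this wildcard match the constraint name?", which
/// accepts `*.example.com` under `accept.example.com`.
fn permitted_by_subtree_broken(name: &str, constraint: &str) -> bool {
    permitted_by_subtree(name, constraint)
        || (name.starts_with("*.") && wildcard_matches(name, constraint))
}

fn main() {
    let constraint = "accept.example.com";
    for name in ["*.example.com", "accept.example.com", "reject.example.com"] {
        println!(
            "{name:<22} under {constraint}: correct={} broken={}",
            permitted_by_subtree(name, constraint),
            permitted_by_subtree_broken(name, constraint)
        );
    }
    // The wildcard that the broken check lets through covers a name the
    // constraint excludes.
    println!(
        "*.example.com covers reject.example.com: {}",
        wildcard_matches("*.example.com", "reject.example.com")
    );
}
```

The practical takeaway for reviewers of any path-validation code is the same as the advisory's: a wildcard name is only within a permitted subtree when the subtree already contains everything the wildcard can become, which for `accept.example.com` is never true of `*.example.com`.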

The vulnerability affects `rustls-webpki` versions `0.103.11` and earlier. The maintainers have released patched versions: `>=0.103.12` and `<0.104.0-alpha.1`, or `>=0.104.0-alpha.6`. The flaw is notably similar to a previously disclosed issue, CVE-2025-61727, referenced from a Go language security report, indicating a recurring pattern in cryptographic library implementations. The GitHub issue shows active work-in-progress (WIP) status, with a developer assigned to resolve the problem and to update the pull request description as a plan is formed and progress is made.

This vulnerability places immediate pressure on all downstream projects and services that rely on `rustls-webpki` for secure TLS connections. Organizations must urgently audit their dependency trees and upgrade to a patched version to mitigate the risk of a certificate validation bypass. The discovery also draws scrutiny to the robustness of name-constraint handling across the broader cryptographic library landscape, since similar logic errors have surfaced in other language ecosystems. The ongoing patch development signals a coordinated response to close a critical security gap in a fundamental internet trust mechanism.