RUSTSEC-2026-0099: Rustls-webpki Bug Incorrectly Accepts Wildcard Certificates Against Name Constraints

A critical vulnerability in the `rustls-webpki` library, a core component for TLS certificate validation in Rust, incorrectly accepts wildcard certificates that violate explicit name constraints. The flaw, designated RUSTSEC-2026-0099, means a certificate for `*.example.com` could be wrongly validated as permitted under a constraint like `accept.example.com`, potentially allowing access to unauthorized subdomains such as `reject.example.com`. This bypass occurs after successful signature verification, making it a subtle but significant logic error in the trust chain.

The bug affects versions `0.103.10` of the `rustls-webpki` package and was publicly disclosed on April 14, 2026. Patched versions are available (`>=0.103.12, <0.104.0-alpha.1, >=0.104.0-alpha.6`). The advisory notes the issue is very similar to a prior Go vulnerability, CVE-2025-61727, highlighting a recurring pattern in cryptographic library implementations where wildcard handling intersects with name constraint validation.

This vulnerability directly impacts any service or application relying on `rustls-webpki` for secure TLS connections where certificate name constraints are enforced. While exploitation requires a specific misconfiguration where a constrained CA issues a wildcard certificate, the flaw undermines a fundamental security boundary. System administrators and developers using Rust for network services must prioritize updating to the patched versions to close this validation gap and maintain intended domain isolation.