CVE-2026-42508: Previously, a revoked 'SignatureKey' belonging to a CA was not correct ...

Severity: Critical

CVSS Score: 9.1

Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @revoked.