CVE-2026-42505
Low
False PositiveConfig.EncryptedClientHelloConfigList on the client. KrakenD does not
expose or enable ECH on its backend TLS client connections, so it never emits an ECH outer
ClientHello and the vulnerable PSK path is never executed. The Go team classified the issue
as limited impact (a privacy degradation, not a confidentiality or integrity break).Addressed through routine dependency maintenance in CE 2.13.8 and EE 2.13.6.
Component
Go standard library (crypto/tls)
Disclosed
Jul 8, 2026
crypto/tls included the Pre-Shared Key (PSK) extension in the outer ClientHello of an
Encrypted Client Hello (ECH) handshake. An on-path attacker could collect these outer
ClientHellos and replay them with arbitrary guessed SNI values: a server accepting the PSK
would fail binder validation, giving the attacker a probing oracle that degrades the privacy
ECH is meant to provide. The fix omits the PSK extension from the ECH outer ClientHello.
This does not affect KrakenD, which does not enable Encrypted Client Hello on its outbound
TLS connections.Stay up to date with KrakenD releases and important updates