从该网页截图中可以获得以下关于漏洞的关键信息: CVE ID: CVE-2026-26327 Severity: High Summary: - Unauthenticated TXT records in discovery beacons could steer routing and TLS pinning, potentially leading to an attacker collecting gateway credentials. - Issues with unauthenticated TXT records treated as routing or pinning inputs by some clients. - Platforms affected: iOS, macOS, Android. Affected and Patched Versions: - Affected: = 2026.2.14 Fix: - Adjusting how resolved service endpoints are prioritized over TXT-provided inputs. - Preventing discovery-provided fingerprints from overriding stored TLS pins. - Requiring user confirmation for first-time TLS pins on iOS/Android. - Ensuring hostname verification isn't globally disabled in Android. Fix Commit(s): - Identifiers for the commits that address the vulnerability. Distribution/Exposure: Limited impact due to pre-release status but potential risk in a shared/untrusted LAN environment. Credits: - Reporting by @simecek.