A vulnerability was found in undici up to 7.27.x/8.4.x and classified as problematic . The impacted element is an unknown function of the component Setting Handler . Executing a manipulation of the argument servername can lead to improper certificate validation. This vulnerability is tracked as CVE-2026-9697 . The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.