CVE-2026-29140

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to cause attacker-controlled certificates to be used for future encryption to a victim by adding the certificates to S/MIME signatures...

PT-2025-39298

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud 9800-CL affected versions not specified Description A flaw exists in the Day One setup process that may allow a remote, unauthenticated attacker to access the...

CVE-2025-24350

CVE-2025-24350 affects the web application’s Certificates and Keys functionality in ctrlX OS. It allows a remote authenticated (low-priv) attacker to write arbitrary certificates to arbitrary file-system paths via a crafted HTTP request. The provided connected documents reiterate this description...

CVE-2025-24350

A vulnerability in the “Certificates and Keys” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to write arbitrary certificates in arbitrary file system paths via a crafted HTTP request...

OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)

It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data...