CVE-2026-25160
CVE-2026-25160 affects Alist prior to 3.57.0, where TLS certificate verification is disabled by default for all outgoing storage communications. This insecure TLS configuration enables potential Man-in-the-Middle (MitM) attacks, allowing interception, decryption, and possible tampering of data du...