CVE-2025-58742

CVE-2025-58742 affects Milner ImageDirector Capture for Windows, specifically the Connection Settings dialog. The vulnerability arises when an attacker can modify the Server field to redirect client authentication, enabling Adversary in the Middle (AiTM) and exposing credentials. Affected version...

CVE-2025-58742 Insufficient Configuration Protections Enable Database Credential Interception in Milner ImageDirector Capture

Insufficiently Protected Credentials, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Connection Settings dialog in Milner ImageDirector Capture on Windows allows Adversary in the Middle AiTM by modifying the 'Server' field to redirect client...

CVE-2025-11043

An Improper Certificate Validation vulnerability in the OPC-UA client and ANSL over TLS client used in Automation Studio versions before 6.5 could allow an unauthenticated attacker on the network to position themselves to intercept and interfere with data exchanges...

MiracleLinux 4 : thunderbird-78.7.0-1.0.1.AXS4 (AXSA:2021-1432:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1432:01 advisory. Mozilla: Cross-origin information leakage via redirected PDF requests CVE-2021-23953 Mozilla: Type confusion when using logical assignment operators...

CVE-2025-11043

An Improper Certificate Validation vulnerability in the OPC-UA client and ANSL over TLS client used in Automation Studio versions before 6.5 could allow an unauthenticated attacker on the network to position themselves to intercept and interfere with data exchanges...

CVE-2025-11043 Improper Server Certificate Validation in Automation Studio

An Improper Certificate Validation vulnerability in the OPC-UA client and ANSL over TLS client used in Automation Studio versions before 6.5 could allow an unauthenticated attacker on the network to position themselves to intercept and interfere with data exchanges...

CVE-2025-11043

CVE-2025-11043 : ABB Automation Studio is affected by an improper certificate validation vulnerability in the OPC-UA client and the ANSL over TLS client, impacting versions before 6.5. An unauthenticated attacker on the network can position themselves to intercept and interfere with data exchange...

EUVD-2026-3213

An Improper Certificate Validation vulnerability in the OPC-UA client and ANSL over TLS client used in Automation Studio versions before 6.5 could allow an unauthenticated attacker on the network to position themselves to intercept and interfere with data exchanges...

PT-2026-3449

Name of the Vulnerable Software and Affected Versions Automation Studio versions prior to 6.5 Description An Improper Certificate Validation issue exists in the OPC-UA client and ANSL over TLS client. This could allow an unauthenticated attacker on the network to intercept and interfere with data...

B&R Automation Studio Trust Management Vulnerability

B&R Automation Studio is an integrated development environment provided by the Austrian company B&R. Versions of B&R Automation Studio prior to version 6.5 contained a trust management vulnerability. This vulnerability stemmed from improper verification of OPC-UA client and ANSL over TLS client...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002389)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002389 advisory. The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a...

CVE-2026-22689

Mailpit is an email testing tool and API for developers. Prior to version 1.28.2, the Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicio...

CVE-2022-50910 Beehive Forum - Account Takeover

Beehive Forum 1.5.2 contains a host header injection vulnerability in the forgot password functionality that allows attackers to manipulate password reset requests. Attackers can inject a malicious host header to intercept password reset tokens and change victim account passwords without direct...

CVE-2022-50910

Beehive Forum 1.5.2 has a host header injection flaw in the Forgot Password flow. The vulnerability lets an attacker inject a malicious Host header to intercept password reset tokens and change the victim’s password without direct authentication. Root cause: improper host header handling in the p...

CVE-2022-50910 Beehive Forum - Account Takeover

Beehive Forum 1.5.2 contains a host header injection vulnerability in the forgot password functionality that allows attackers to manipulate password reset requests. Attackers can inject a malicious host header to intercept password reset tokens and change victim account passwords without direct...

EUVD-2026-1872

Mailpit is vulnerable to Cross-Site WebSocket Hijacking CSWSH allowing unauthenticated access to emails...

YoSmart YoLink Smart Hub

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely control other users' smart home devices, intercept sensitive data, and hijack sessions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

FreeBSD : mail/mailpit -- Cross-Site WebSocket Hijacking (d822839e-ee4f-11f0-b53e-0897988a1c07)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d822839e-ee4f-11f0-b53e-0897988a1c07 advisory. Mailpit author reports: The Mailpit WebSocket server is configured to accept connections from any origi...

CVE-2026-22689

Mailpit prior to v1.28.2 is vulnerable to Cross-Site WebSocket Hijacking (CSWSH) because the WebSocket upgrader accepts connections from any origin (CheckOrigin always true). This enables a malicious site to create a WebSocket to ws://localhost:8025 and receive real-time data such as email conten...

CVE-2023-29681

Cleartext Transmission in cookie:ecospw: in Tenda N301 v6.0, firmware v12.03.01.06pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password...