Lucene search
K

250 matches found

NVD
NVD
added 2 days ago7 views

CVE-2026-55605

DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.8.0, the self-hosted HTTP transport of @arikusi/deepseek-mcp-server exposes POST /mcp without any authentication: createMcpExpressApp is called without an authProvider and no middleware guards t...

5.3CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-55605

DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.8.0, the self-hosted HTTP transport of @arikusi/deepseek-mcp-server exposes POST /mcp without any authentication: createMcpExpressApp is called without an authProvider and no middleware guards t...

5.3CVSS5.9AI score
Exploits0References4Affected Software1
NVD
NVD
added 2026/06/25 8:17 p.m.9 views

CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

6.3CVSS0.00118EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 8:17 p.m.4 views

DEBIAN-CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

5.3CVSS5.8AI score0.00118EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 8:17 p.m.5 views

UBUNTU-CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

6.3CVSS5.8AI score0.00118EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 7:30 p.m.6 views

EUVD-2026-39544

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

6.3CVSS5.9AI score0.00118EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 7:30 p.m.36 views

CVE-2026-55964 Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA (temporary CA exemption)

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

6.3CVSS0.00118EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 7:30 p.m.7 views

CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

6.3CVSS5.9AI score0.00118EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/25 7:30 p.m.17 views

CVE-2026-55964

CVE-2026-55964 describes a change in certificate path validation affecting OpenSSL-compatibility path building (X509_verify_cert / X509_STORE). Previously, chain-supplied temporary CAs (WOLFSSL_TEMP_CA) could be accepted as signing CAs even if the intermediate CA had CA:TRUE but lacked keyCertSig...

6.3CVSS5.9AI score0.00118EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 7:30 p.m.5 views

CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

6.3CVSS5.8AI score0.00118EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.12 views

PT-2026-52573

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description An issue exists where chain intermediate certificates asserting CA:TRUE but lacking the keyCertSign key usage were accepted as signing CAs. This occurs because chain-supplied temporary CAs...

6.3CVSS5.8AI score0.00118EPSS
Exploits0References5
OSV
OSV
added 2026/06/22 5:23 p.m.2 views

USN-8447-3 google-guest-agent vulnerabilities

USN-8447-1 fixed vulnerabilities in Go Cryptography. This update provides the corresponding updates for Go Cryptography code embedded in Google Guest Agent. Original advisory details: It was discovered that Go Cryptography did not properly handle SSH global request responses. A remote attacker...

10CVSS6.1AI score0.00533EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2026/06/22 5:23 p.m.4 views

USN-8447-3: Google Guest Agent vulnerabilities

USN-8447-1 fixed vulnerabilities in Go Cryptography. This update provides the corresponding updates for Go Cryptography code embedded in Google Guest Agent. Original advisory details: It was discovered that Go Cryptography did not properly handle SSH global request responses. A remote attacker...

10CVSS6.2AI score0.00533EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/16 12:16 p.m.8 views

python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens

A flaw was found in PyJWT, a Python library for JSON Web Token JWT implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys JWK in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer's public key as the...

7.4CVSS5.5AI score0.00394EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/15 9:30 p.m.10 views

EUVD-2026-36765

In OCaml-TLS before 2.1.0, the server implementation does insufficient checks of the certificate provided by the client when doing client authentication, which allows impersonation with certificates that are not meant for client authentication because of KeyUsage and ExtendedKeyUsage...

5.2AI score0.00191EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.11 views

EUVD-2026-36764

In OCaml-TLS before 2.1.0, the client implementation does insufficient checks of the certificate provided by the server, which allows impersonation with certificates that are not meant for server authentication because of KeyUsage and ExtendedKeyUsage...

5.2AI score0.00225EPSS
Exploits1References2
NVD
NVD
added 2026/06/15 8:16 p.m.9 views

CVE-2026-45388

In OCaml-TLS before 2.1.0, the client implementation does insufficient checks of the certificate provided by the server, which allows impersonation with certificates that are not meant for server authentication because of KeyUsage and ExtendedKeyUsage...

9.1CVSS0.00225EPSS
Exploits1References1
NVD
NVD
added 2026/06/15 8:16 p.m.11 views

CVE-2026-45389

In OCaml-TLS before 2.1.0, the server implementation does insufficient checks of the certificate provided by the client when doing client authentication, which allows impersonation with certificates that are not meant for client authentication because of KeyUsage and ExtendedKeyUsage...

7.4CVSS0.00191EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 12:0 a.m.6 views

CVE-2026-45389

In OCaml-TLS before 2.1.0, the server implementation does insufficient checks of the certificate provided by the client when doing client authentication, which allows impersonation with certificates that are not meant for client authentication because of KeyUsage and ExtendedKeyUsage...

5.2AI score0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.29 views

CVE-2026-45389

In OCaml-TLS before 2.1.0, the server implementation does insufficient checks of the certificate provided by the client when doing client authentication, which allows impersonation with certificates that are not meant for client authentication because of KeyUsage and ExtendedKeyUsage...

0.00191EPSS
Exploits0References1
Rows per page
Query Builder