Lucene search
+L

3721 matches found

euvd
euvd
added 7 hours ago3 views

EUVD-2026-44920

HCL DFXAnalytics is affected by a Missing HTTP Strict-Transport-Security Header vulnerability. The application fails to implement the HTTP Strict Transport Security HSTS policy within its responses, which could allow a remote attacker to downgrade the communication channel to an unencrypted...

3.1CVSS6.1AI score
Exploits0References1
vulnrichment
vulnrichment
added yesterday4 views

CVE-2026-56434 NGINX ngx_http_ssi_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...

8.3CVSS6.1AI score
Exploits0References1
cvelist
cvelist
added yesterday27 views

CVE-2026-56434 NGINX ngx_http_ssi_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...

8.3CVSS
Exploits0References1
cve
cve
added yesterday44 views

CVE-2026-56434

Summary: CVE-2026-56434 affects the nginx ngx_http_ssi_module in NGINX Plus and NGINX Open Source when SSI, proxy_pass, and proxy_buffering are configured off. An unauthenticated attacker with MITM control over upstream responses can trigger a heap buffer over-read in the nginx worker process, po...

8.3CVSS6.1AI score
Exploits0References1
cve
cve
added yesterday12 views

CVE-2026-13385

The CVE-2026-13385 entry affects certain ASUS router models. It covers an vulnerability path where an attacker can perform a remote MITM to cause the device to download and execute arbitrary commands via a spoofed server, due to improper validation of the integrity check value and improper certif...

9.5CVSS6.3AI score0.00103EPSS
Exploits0References1
ptsecurity
ptsecurity
added yesterday10 views

PT-2026-58872

Name of the Vulnerable Software and Affected Versions ASUS router models affected versions not specified Description Improper Validation of Integrity Check Value and Improper Certificate Validation allow a remote man-in-the-middle MITM user to force the router to download and execute arbitrary...

9.5CVSS6.3AI score0.00103EPSS
Exploits0References4
nvd
nvd
added 3 days ago8 views

CVE-2026-58065

The Apache Airflow Git provider runs its git-over-SSH operations with StrictHostKeyChecking=no by default, disabling SSH host-key verification. An attacker who can intercept the network path between an Airflow worker and the Git server can impersonate the server man-in-the-middle, capturing the S...

8.1CVSS0.00461EPSS
Exploits0References3
euvd
euvd
added 3 days ago5 views

EUVD-2026-43499

The Apache Airflow Git provider runs its git-over-SSH operations with StrictHostKeyChecking=no by default, disabling SSH host-key verification. An attacker who can intercept the network path between an Airflow worker and the Git server can impersonate the server man-in-the-middle, capturing the S...

8.1CVSS6.1AI score0.00461EPSS
Exploits0References2
nvd
nvd
added 3 days ago4 views

CVE-2026-22093

The EVbee Service Android app uses TLS encrypted communication HTTPS, but does not validate the certificate provided by the server. This allows an attacker on the network path between the app and EVbee server to intercept and manipulate the communication between the app and server. The traffic is...

9.5CVSS0.00203EPSS
Exploits0References1
cvelist
cvelist
added 3 days ago30 views

CVE-2026-22093 Adversary-in-the-Middle (AitM) attack vulnerability in EVbee Service app

The EVbee Service Android app uses TLS encrypted communication HTTPS, but does not validate the certificate provided by the server. This allows an attacker on the network path between the app and EVbee server to intercept and manipulate the communication between the app and server. The traffic is...

9.5CVSS0.00203EPSS
Exploits0References1
redhat
redhat
added 3 days ago3 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAPstarttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle MITM attacker can inject a predicted tagged OK response...

7.6CVSS6AI score0.00324EPSS
Exploits0References12
osv
osv
added 6 days ago2 views

DEBIAN-CVE-2026-54919

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In affected Mbed TLS backend versions from 0.31.0 through 0.46.1 and wolfSSL backend versions from 0.33.0 through 0.46.1, when cpp-httplib is built with CPPHTTPLIBMBEDTLSSUPPORT or CPPHTTPLIBWOLFSSLSUPPORT and a...

7.4CVSS6.9AI score0.00264EPSS
Exploits0References1
cvelist
cvelist
added 6 days ago31 views

CVE-2026-54919 cpp-httplib: TLS certificate chain verification bypassed for IP-literal hosts on Mbed TLS and wolfSSL backends

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In affected Mbed TLS backend versions from 0.31.0 through 0.46.1 and wolfSSL backend versions from 0.33.0 through 0.46.1, when cpp-httplib is built with CPPHTTPLIBMBEDTLSSUPPORT or CPPHTTPLIBWOLFSSLSUPPORT and a...

7.4CVSS0.00264EPSS
Exploits0References3
cve
cve
added 6 days ago13 views

CVE-2026-54919

cpp-httplib on Mbed TLS and wolfSSL backends was vulnerable to a TLS certificate chain verification bypass for IP-literal hosts (affecting v0.31.0–0.46.1) when server verification was enabled; SSLClient/Client could skip chain validation and Mbed TLS WebSocketClient could skip verification. The i...

7.4CVSS6.9AI score0.00264EPSS
Exploits0References3Affected Software1
nvd
nvd
added 6 days ago7 views

CVE-2026-56254

In @capgo/capacitor-updater Cap-go/capgo before 12.128.2, the end-to-end encryption scheme distributes the private key to each device that downloads the app. Because the public key can be derived from the private key, an attacker performing a man-in-the-middle attack or compromising the Capgo...

8.3CVSS0.00151EPSS
Exploits0References2
cvelist
cvelist
added 6 days ago29 views

CVE-2026-56254 capacitor-updater - End-to-End Encryption Bypass via Private Key Distribution

In @capgo/capacitor-updater Cap-go/capgo before 12.128.2, the end-to-end encryption scheme distributes the private key to each device that downloads the app. Because the public key can be derived from the private key, an attacker performing a man-in-the-middle attack or compromising the Capgo...

8.3CVSS0.00151EPSS
Exploits0References2
veracode
veracode
added 6 days ago6 views

Improper Certificate Validation

Coder is vulnerable to Improper Certificate Validation. The vulnerability is due to the AI Bridge Proxy aibridgeproxyd creating a default HTTPS transport with InsecureSkipVerify enabled when no upstream proxy is configured, which allows an on-path man-in-the-middle attacker to present a forged TL...

7.4CVSS6.1AI score0.00258EPSS
Exploits0References8Affected Software2
cvelist
cvelist
added 2026/07/09 7:14 p.m.39 views

CVE-2026-0277 Prisma Access Agent: Improper Certificate Validation on iOS

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS0.00125EPSS
Exploits0References1
redhat
redhat
added 2026/07/09 5:43 p.m.5 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAPstarttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle MITM attacker can inject a predicted tagged OK response...

7.6CVSS5.8AI score0.00324EPSS
Exploits0References12
redhat
redhat
added 2026/07/09 3:29 p.m.7 views

netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager X509TrustManager, it fails to perform...

7.5CVSS7AI score0.00269EPSS
Exploits0References7
Rows per page
Query Builder