21584 matches found
CVE-2026-14935
GStreamer webrtcbin contains a logic flaw in _check_sdp_crypto(): an inverted presence check allows remote SDP offers/answers without the a=fingerprint attribute, while rejecting ones that include it. This could let an attacker intercepting WebRTC signaling bypass the SDP-level DTLS certificate f...
CVE-2026-14935 Gstreamer: gstreamer: webrtcbin accepts remote sdp without a=fingerprint due to inverted presence check
A logic vulnerability was found in GStreamer's webrtcbin component. The checksdpcrypto function contains an inverted boolean condition that causes it to accept remote SDP offers or answers that lack the required a=fingerprint attribute, while incorrectly rejecting those that include it. An attack...
Coder's AI Bridge Proxy skips TLS certificate verification in default configuration
Summary The AI Bridge Proxy aibridgeproxyd created a goproxy server whose default transport set InsecureSkipVerify: true and only assigned a secure transport when an upstream proxy was configured. In the default configuration no upstream proxy, outbound HTTPS to the Coder access URL accepted any...
undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy
A flaw was found in undici. When undici's ProxyAgent is configured with a SOCKS5 proxy Uniform Resource Identifier URI, it silently ignores Transport Layer Security TLS options, such as custom Certificate Authorities CAs. This allows a remote attacker to perform a Man-in-the-Middle MITM attack,...
CVE-2026-9547
The CVE-2026-9547 issue affects libcurl when performing SCP/SFTP transfers with CURLOT_SSH_KEYFUNCTION in the SSH key callback. A host-key type mismatch for a known_hosts entry may be silently accepted, bypassing the intended validation and allowing connections to succeed without warning, which e...
CVE-2025-12530
IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...
EUVD-2025-210384
IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...
net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS
A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAPstarttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle MITM attacker can inject a predicted tagged OK response...
net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS
A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAPstarttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle MITM attacker can inject a predicted tagged OK response...
net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS
A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAPstarttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle MITM attacker can inject a predicted tagged OK response...
EUVD-2026-40304
A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service ACS handler did not enforce one-time use of SAML assertion, potentially allowing person in the middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3,...
CVE-2026-44946
CVE-2026-44946 describes a SAML authentication replay vulnerability in Rancher’s Assertion Consumer Service (ACS) handler, where one-time use of SAML assertions was not enforced. The issue can enable man‑in‑the‑middle style abuse against Rancher, affecting Rancher 2.14.0 up to (but not including)...
PT-2026-53973
Name of the Vulnerable Software and Affected Versions IBM watsonx.data intelligence version 5.2.2 IBM watsonx.data intelligence version 5.3.0 IBM watsonx.data intelligence versions 5.3.1 through patch-1 Description The software transmits data in clear text, which could allow an attacker to obtain...
Important: ruby:4.0 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses CVE-2026-42245 ruby/net-imap: ruby: Net::IMAP: IMAP Comman...
gnutls: gnutls: Security bypass due to incorrect name constraint handling
A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities CAs only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate...
gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name
A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name SAN could cause the validation process to incorrectly fall back to checking the Common Name CN field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to...
CVE-2025-15661
A flaw in libssh2's sftpsymlink function allows a malicious SSH server or man-in-the-middle attacker to trigger an out-of-bounds heap read via a crafted SSHFXPNAME response. This can disclose heap memory contents or crash the application, causing a denial of service DoS. Mitigation Implement stri...
CVE-2026-44017
A flaw was found in Docling. The EasyOCR model download functionality improperly extracts ZIP archives without validating member paths, enabling Zip Slip attacks. If an attacker compromises the model download source e.g., via a supply chain or Man-in-the-Middle MITM attack, they could write...
gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name
A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name SAN could cause the validation process to incorrectly fall back to checking the Common Name CN field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to...
SUSE CVE-2026-42246
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAPstarttls to return "successfully", without starting TLS. This issue has been patched in versions 0.3.10,...