21589 matches found
CVE-2026-47828
The CVE affects bosh-cli versions prior to 7.10.4. During bosh create-env/delete-env, the CLI uploads CPI packages and rendered job templates to the VM’s DAV blobstore over HTTPS without verifying the server certificate, despite a CA certificate being present in the manifest. This enables a netwo...
CVE-2026-55436
Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.30.0 and prior to versions 2.32.7, 2.33.8, and 2.34.2, the AI Bridge Proxy aibridgeproxyd created a goproxy server whose default transport set InsecureSkipVerify: true and only assigned a...
CVE-2026-55436 Coder's AI Bridge Proxy skips TLS certificate verification in default configuration
Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.30.0 and prior to versions 2.32.7, 2.33.8, and 2.34.2, the AI Bridge Proxy aibridgeproxyd created a goproxy server whose default transport set InsecureSkipVerify: true and only assigned a...
CVE-2026-14935 Gstreamer: gstreamer: webrtcbin accepts remote sdp without a=fingerprint due to inverted presence check
A logic vulnerability was found in GStreamer's webrtcbin component. The checksdpcrypto function contains an inverted boolean condition that causes it to accept remote SDP offers or answers that lack the required a=fingerprint attribute, while incorrectly rejecting those that include it. An attack...
CVE-2026-14935
GStreamer webrtcbin contains a logic flaw in _check_sdp_crypto(): an inverted presence check allows remote SDP offers/answers without the a=fingerprint attribute, while rejecting ones that include it. This could let an attacker intercepting WebRTC signaling bypass the SDP-level DTLS certificate f...
PYSEC-2026-1111 aiosmtpd STARTTLS unencrypted commands injection
Summary Servers based on aiosmtpd accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted connection. This could be exploited by a MitM attack. References NO STARTTLS: Similar vulnerabilities discovered by previous researchers...
Coder's AI Bridge Proxy skips TLS certificate verification in default configuration
Summary The AI Bridge Proxy aibridgeproxyd created a goproxy server whose default transport set InsecureSkipVerify: true and only assigned a secure transport when an upstream proxy was configured. In the default configuration no upstream proxy, outbound HTTPS to the Coder access URL accepted any...
undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy
A flaw was found in undici. When undici's ProxyAgent is configured with a SOCKS5 proxy Uniform Resource Identifier URI, it silently ignores Transport Layer Security TLS options, such as custom Certificate Authorities CAs. This allows a remote attacker to perform a Man-in-the-Middle MITM attack,...
CVE-2026-9547
The CVE-2026-9547 issue affects libcurl when performing SCP/SFTP transfers with CURLOT_SSH_KEYFUNCTION in the SSH key callback. A host-key type mismatch for a known_hosts entry may be silently accepted, bypassing the intended validation and allowing connections to succeed without warning, which e...
PT-2026-54772
Name of the Vulnerable Software and Affected Versions erlang/quic versions prior to 1.4.4 Description The QUIC client fails to authenticate the server during the TLS 1.3 handshake. Specifically, the verify process is ineffective because the CertificateVerify signature is not checked, the...
CVE-2025-12530
IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...
EUVD-2025-210384
IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...
net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS
A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAPstarttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle MITM attacker can inject a predicted tagged OK response...
net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS
A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAPstarttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle MITM attacker can inject a predicted tagged OK response...
net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS
A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAPstarttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle MITM attacker can inject a predicted tagged OK response...
CVE-2026-44946
CVE-2026-44946 describes a SAML authentication replay vulnerability in Rancher’s Assertion Consumer Service (ACS) handler, where one-time use of SAML assertions was not enforced. The issue can enable man‑in‑the‑middle style abuse against Rancher, affecting Rancher 2.14.0 up to (but not including)...
EUVD-2026-40304
A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service ACS handler did not enforce one-time use of SAML assertion, potentially allowing person in the middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3,...
Important: ruby:4.0 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses CVE-2026-42245 ruby/net-imap: ruby: Net::IMAP: IMAP Comman...
PT-2026-53973
Name of the Vulnerable Software and Affected Versions IBM watsonx.data intelligence version 5.2.2 IBM watsonx.data intelligence version 5.3.0 IBM watsonx.data intelligence versions 5.3.1 through patch-1 Description The software transmits data in clear text, which could allow an attacker to obtain...
gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name
A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name SAN could cause the validation process to incorrectly fall back to checking the Common Name CN field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to...