Lucene search
K

97 matches found

Hacker One
Hacker One
added 2026/06/26 8:40 a.m.19 views

curl: mbedTLS / wolfSSL / rustls backends silently skip hostname verification when CURLOPT_SSL_VERIFYPEER=0

Summary When an application sets CURLOPTSSLVERIFYPEER=0 while keeping CURLOPTSSLVERIFYHOST=2 the default, the mbedTLS, wolfSSL, and rustls TLS backends silently skip the hostname-vs-certificate check. The OpenSSL, GnuTLS, and Schannel backends correctly preserve hostname checking under the same...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-9697

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection...

7.4CVSS6.7AI score0.00459EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/18 2:28 p.m.10 views

EUVD-2026-37763

undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent...

7.4CVSS5.8AI score0.00459EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/18 2:28 p.m.10 views

undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent

Impact undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servername...

7.4CVSS5.9AI score0.00459EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.27 views

PT-2026-50823

Name of the Vulnerable Software and Affected Versions armeria-xds versions 1.38.0 through 1.39.0 Description DataSourceStream in the xDS module resolves filename and environment variable fields from SDS Secret resources without an allow-list or base-directory confinement. This allows a compromise...

5.9CVSS6AI score0.00198EPSS
Exploits0References12
NVD
NVD
added 2026/06/17 6:18 p.m.15 views

CVE-2026-9697

Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servernam...

7.4CVSS0.00459EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2026/06/17 4:46 p.m.6 views

CVE-2026-9697 undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent

Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servernam...

7.4CVSS6.4AI score0.00459EPSS
Exploits0References2
CVE
CVE
added 2026/06/17 4:46 p.m.71 views

CVE-2026-9697

undici’s ProxyAgent drops the requestTls option when used with a SOCKS5 proxy (socks5:// or socks://), causing the HTTPS connection to rely on Node’s default trust store and ignore user-provided ca, cert, key, rejectUnauthorized, and servername. This allows any cert signed by a publicly trusted C...

7.4CVSS5.4AI score0.00459EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.23 views

Ubuntu 16.04 LTS / 18.04 LTS : Ruby vulnerabilities (USN-8431-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8431-1 advisory. It was discovered that Ruby's Net::IMAP library did not properly verify that Transport Layer Security TLS encryption was started after issuin...

9.8CVSS5.7AI score0.00429EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 7:58 a.m.9 views

Security Bulletin: IBM Engineering Systems Design Rhapsody TestConductor was affected by CVE-2012-5783, CVE-2012-6153

Summary IBM Engineering Systems Design Rhapsody TestConductor was vulnerable to man-in-the-middle attacks caused by not verifying that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate. This allows man-in-the-middle attacker...

5.8CVSS6.9AI score0.09254EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.16 views

PT-2026-45366

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.2 Description The JWTRefreshMiddleware sets the JWT authentication cookie without the Secure flag. In deployments where the Airflow API server is positioned behind an HTTPS-terminating reverse proxy, the...

5.9CVSS5.4AI score0.00265EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/26 9:34 p.m.13 views

EUVD-2026-32014

The OpenTelemetry.Exporter.Instana exports telemetry to Instana backend. Prior to 1.1.0, the OpenTelemetry.Exporter.Instana NuGet package does not validate HTTPS/TLS certificates are valid when sending telemetry to a configured Instana back-end when a proxy is configured using the...

6.5CVSS5.8AI score0.00207EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/25 11:19 p.m.8 views

Sensitive Cookie in HTTPS Session Without "Secure" Attribute

Overview org.apache.shiro:shiro-web is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. Affected versions of this package are vulnerable to Sensitive Cookie in HTTPS Session Without "Secure" Attribute in the form...

6.5CVSS5.8AI score0.00272EPSS
Exploits0References2
CVE
CVE
added 2026/05/25 9:34 a.m.32 views

CVE-2026-45361

CVE-2026-45361 affects the Apache Airflow Google provider: ComputeEngineSSHHook disables SSH host-key verification by default, allowing an attacker on-path to intercept or modify SSH sessions between an Airflow worker and a Compute Engine VM. The vulnerability is tied to the ComputeEngineSSHHook ...

8.1CVSS5.8AI score0.0059EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-42246

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middl...

7.6CVSS5.9AI score0.00324EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/14 8:51 p.m.7 views

CVE-2026-44700

Elixir WebRTC is an Elixir implementation of the W3C WebRTC API. Prior to 0.15.1 and 0.16.1, missing DTLS peer certificate fingerprint validation in the DTLS client active role removes one side of WebRTC's mutual authentication. The bug is not independently exploitable for media interception in...

8.7CVSS5.8AI score0.00255EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/05/14 4:15 p.m.13 views

EUVD-2026-30330

cssparser is a Ruby CSS parser. Prior to 2.1.0 and 1.22.0, the CSS Parser gem does not validate HTTPS connections, allowing a Man-in-the-Middle MITM attacker to inject or modify CSS content when stylesheets are loaded via HTTPS. The connection is established with OpenSSL::SSL::VERIFYNONE, meaning...

5.8CVSS5.8AI score0.00146EPSS
Exploits0References4
CVE
CVE
added 2026/05/13 6:53 p.m.23 views

CVE-2026-41132

CVE-2026-41132 affects CKAN prior to versions 2.10.10 and 2.11.5, where the SMTP connection lacks certificate validation. This allows a MITM attacker to spoof the SMTP server and potentially access credentials and email contents. The issue is mitigated by upgrading CKAN to 2.10.10 or 2.11.5 (or n...

8.7CVSS5.8AI score0.00194EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/13 2:12 p.m.10 views

CVE-2026-42946 NGINX ngx_http_scgi_module and ngx_http_uwsgi_module vulnerability

A vulnerability exists in the ngxhttpscgimodule and ngxhttpuwsgimodule modules that may result in excessive memory allocation or an over-read of data. When scgipass or uwsgipass is configured, an unauthenticated attacker with man-in-the-middle MITM ability to control responses from an upstream...

8.3CVSS5.8AI score0.00932EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/08 8:48 p.m.12 views

OpenTelemetry.Exporter.Instana bypasses TLS certificate validation when a proxy is configured

Summary The OpenTelemetry.Exporter.Instana NuGet package does not validate HTTPS/TLS certificates are valid when sending telemetry to a configured Instana back-end when a proxy is configured using the INSTANAENDPOINTPROXY environment variable. If a network attacker can Man-in-the-Middle MitM the...

6.5CVSS5.8AI score0.00207EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder