CVE-2026-25793

Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 certificates which is not the default configuration, it is possible to evade a blocklist entry created against the fingerprint of a certificate by using ECDSA Signature Malleability to use a copy of th...

CVE-2026-25793

Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 certificates which is not the default configuration, it is possible to evade a blocklist entry created against the fingerprint of a certificate by using ECDSA Signature Malleability to use a copy of th...

Nebula 数据伪造问题漏洞

Nebula is an open-source WordPress theme framework focused on enhancing development capabilities. Versions of Nebula from 1.7.0 to 1.10.2 have a data manipulation vulnerability. This vulnerability arises from the possibility of circumventing the certificate fingerprint block list by using P256...

PT-2026-6835

Name of the Vulnerable Software and Affected Versions Nebula versions 1.7.0 through 1.10.2 Description Nebula is a scalable overlay networking tool. When using P256 certificates which is not the default configuration, it is possible to evade a blocklist entry created against the fingerprint of a...

Unprotected Alternate Channel

Overview github.com/slackhq/nebula is a scalable overlay networking tool with a focus on performance, simplicity and security. Affected versions of this package are vulnerable to Unprotected Alternate Channel via improper handling of CIDR configuration in certificates. An attacker with control ov...