13 matches found
PT-2026-48333
Name of the Vulnerable Software and Affected Versions: Spring Security versions 5.7.0 through 5.7.24; Spring Security versions 5.8.0 through 5.8.26; Spring Security versions 6.3.0 through 6.3.17; Spring Security versions 6.4.0 through 6.4.17; Spring Security versions 6.5.0 through 6.5.10. Description: T...
BIT-NATS-2026-33248 NATS has mTLS verify_and_map authentication bypass via incorrect Subject DN matching
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using mTLS for client identity, with verify_and_map to derive a NATS identity from the client certificate's Subject DN, certain patterns of RDN would not be...
GO-2026-4828 NATS has mTLS verify_and_map authentication bypass via incorrect Subject DN matching in github.com/nats-io/nats-server
NATS has mTLS verify_and_map authentication bypass via incorrect Subject DN matching in github.com/nats-io/nats-server...
CVE-2026-33248
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using mTLS for client identity, with verify_and_map to derive a NATS identity from the client certificate's Subject DN, certain patterns of RDN would not be...
DEBIAN-CVE-2026-33248
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using mTLS for client identity, with verify_and_map to derive a NATS identity from the client certificate's Subject DN, certain patterns of RDN would not be...
CVE-2026-33248 NATS has mTLS verify_and_map authentication bypass via incorrect Subject DN matching
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using mTLS for client identity, with verify_and_map to derive a NATS identity from the client certificate's Subject DN, certain patterns of RDN would not be...
CVE-2026-33248
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using mTLS for client identity, with verify_and_map to derive a NATS identity from the client certificate's Subject DN, certain patterns of RDN would not be...
NATS has mTLS verify_and_map authentication bypass via incorrect Subject DN matching
Background: NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. One authentication model supported is mTLS, deriving the NATS client identity from properties of the TLS Client Certificate. Problem...
GHSA-3F24-PCVM-5JQC NATS has mTLS verify_and_map authentication bypass via incorrect Subject DN matching
Background: NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. One authentication model supported is mTLS, deriving the NATS client identity from properties of the TLS Client Certificate. Problem...
PT-2026-27621
Name of the Vulnerable Software and Affected Versions: NATS-Server versions prior to 2.11.15; NATS-Server versions prior to 2.12.6. Description: NATS-Server, a high-performance server for NATS.io, a cloud and edge native messaging system, has an issue where, when using mTLS for client identity with...
EUVD-2010-0808
Malware in sbrugna...
mod_ssl ssl_util_uuencode_binary CA issue
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN...
PT-2004-1606 · Apache · Apache Mod Ssl +1
Name of the Vulnerable Software and Affected Versions: Apache mod_ssl, affected versions not specified. Description: The issue is related to a stack-based buffer overflow in the ssl_util_uuencode_binary function. This occurs when mod_ssl is configured to trust the issuing CA and a client certificat...