112 matches found
CVE-2026-9758
Improper comparison with the certificates trusted list in S2OPC allows an attacker well-formed untrusted certificate to be considered trusted...
CVE-2026-9758
Improper comparison with the certificates trusted list in S2OPC allows an attacker well-formed untrusted certificate to be considered trusted...
CVE-2026-9758 Improper Certificate Validation in S2OPC
Improper comparison with the certificates trusted list in S2OPC allows an attacker well-formed untrusted certificate to be considered trusted...
CVE-2026-9758 Improper Certificate Validation in S2OPC
Improper comparison with the certificates trusted list in S2OPC allows an attacker well-formed untrusted certificate to be considered trusted...
EUVD-2026-36003
Improper comparison with the certificates trusted list in S2OPC allows an attacker well-formed untrusted certificate to be considered trusted...
CVE-2026-9758
Technical details (affected versions, root cause specifics, exploitation status) are not publicly available in the provided documents. Monitor for updates from CVE sources and connected feeds.
CVE-2026-9058
Szafir SDK returns a success status code from the cryptographic digital signature verification process i.e. /VerifyingTaskItem/Signature/VerificationResult/Result/@code == 0, "Positively verified" even when the trust status of the signer's certificate could not be established i.e...
CVE-2026-9058
Szafir SDK returns a success status code from the cryptographic digital signature verification process i.e. /VerifyingTaskItem/Signature/VerificationResult/Result/@code == 0, "Positively verified" even when the trust status of the signer's certificate could not be established i.e...
CVE-2026-32253
CVE-2026-32253 (Sunshine) : Sunshine, a self-hosted game stream host for Moonlight, had a vulnerability in client-certificate authentication where the OpenSSL verification results were mishandled in src/crypto.cpp. The custom verify callback treated X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY, X...
Astra Linux – Vulnerabilities in Firefox, Thunderbird, NSS
After accepting an untrusted certificate, handling an empty PKCS7 sequence as part of the certificate data could have led to a crash. This crash is believed to be exploitable. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
CVE-2026-35389
Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, S/MIME signature verification did not validate the certificate trust chain checkChain: false. Any email signed with a self-signed or untrusted certificate was displayed as having a valid signature. This...
CVE-2026-35389
Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, S/MIME signature verification did not validate the certificate trust chain checkChain: false. Any email signed with a self-signed or untrusted certificate was displayed as having a valid signature. This...
CVE-2026-35389
Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, S/MIME signature verification did not validate the certificate trust chain checkChain: false. Any email signed with a self-signed or untrusted certificate was displayed as having a valid signature. This...
CVE-2026-35389 Bulwark Webmail S/MIME signature verification accepted self-signed certificates
Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, S/MIME signature verification did not validate the certificate trust chain checkChain: false. Any email signed with a self-signed or untrusted certificate was displayed as having a valid signature. This...
PT-2026-30727
Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, S/MIME signature verification did not validate the certificate trust chain checkChain: false. Any email signed with a self-signed or untrusted certificate was displayed as having a valid signature. This...
EulerOS Virtualization 2.12.1 : nss (EulerOS-SA-2026-1447)
According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash...
EulerOS Virtualization 2.12.0 : nss (EulerOS-SA-2026-1504)
According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash...
NewStart CGSL MAIN 6.06 (SP) : krb5 Multiple Vulnerabilities (NS-SA-2026-0007)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has krb5 packages installed that are affected by multiple vulnerabilities: - plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote attackers t...
EulerOS Virtualization 2.10.1 : nss (EulerOS-SA-2026-1133)
According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash...
AZL-78919 CVE-2025-61723 affecting package golang 1.25.7-1
The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...