261 matches found

NVD
added 4 days ago | 7 views

CVE-2026-44505

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. network-libp2p handles kad get-record query progress in handledhtget network-libp2p/src/swarm.rs. Prior to version 1.4.0, when a peer returns a FoundRecord, the code verifies the record...

CVSS 5.3 | EPSS 0.00037
Exploits: 0 | References: 3
Cvelist
added 5 days ago | 27 views

CVE-2026-46541 Nimiq network-libp2p: DHT query poisoning via first-record verification failure

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, in handledhtget, the DhtResults accumulator is only initialized when the first DHT record passes verification. If the first record fails from a malicious DHT...

CVSS 7.5 | EPSS 0.00038
Exploits: 0 | References: 3
CVE
added 5 days ago | 12 views

CVE-2026-42769

Summary: CVE-2026-42769 arises from an error in the CMP Root CA key rollover verification in OpenSSL. A typo in the certificate chain building code caused the verifier to add the wrong certificate ("newWithOld" instead of the intended "oldRoot") to the chain, rendering the verification ineffectiv...

CVSS 5.3 | AI score 5.7 | EPSS 0.00007
Exploits: 0 | References: 5
Positive Technologies
added 5 days ago | 6 views

PT-2026-47839

Name of the Vulnerable Software and Affected Versions: OpenSSL (affected versions not specified). Description: An error in the callback used to verify certificates during a Root CA key update in the Certificate Management Protocol (CMP) renders certificate validation ineffectual. Specifically, a typo in...

CVSS 9.1 | AI score 5.8 | EPSS 0.00067
Exploits: 0 | References: 59
Cvelist
added 2026/06/04 5:43 a.m. | 38 views

CVE-2026-49192 Summary Service Insecure Direct Object Reference

The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping...

CVSS 5.3 | EPSS 0.00034
Exploits: 0 | References: 1
CNNVD
added 2026/06/01 12:00 a.m. | 6 views

Apache Airflow Trust Management Vulnerability

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained a trust management vulnerability. This vulnerability stemmed from the...

CVSS 5.9 | AI score 5.8 | EPSS 0.00062
Exploits: 0 | References: 2
UbuntuCve
added 2026/05/26 12:00 a.m. | 7 views

CVE-2026-3012

auto-enrolment GPO installing CA certificate over http without verification...

CVSS 8 | AI score 5.8 | EPSS 0.00013
Exploits: 0 | References: 2
CNNVD
added 2026/05/19 12:00 a.m. | 6 views

OPPO O+ Connect Security Vulnerability

OPPO O+ Connect is a multi-device connectivity and data collaboration platform developed by OPPO Corporation in China. There is a security vulnerability in OPPO O+ Connect, which stems from the failure to verify the identity of the caller on the pipeline interface, potentially leading to an...

CVSS 7.3 | AI score 5.8 | EPSS 0.00012
Exploits: 0 | References: 1
EUVD
added 2026/05/07 6:47 p.m. | 6 views

EUVD-2026-28428

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

CVSS 8.2 | AI score 5.7 | EPSS 0.00023
Exploits: 0 | References: 3
OSV
added 2026/05/04 1:12 p.m. | 3 views

JLSEC-2026-418 When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP...

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...

CVSS 6.5 | AI score 5.8 | EPSS 0.00559
Exploits: 1 | References: 9
Positive Technologies
added 2026/04/29 12:00 a.m. | 3 views

PT-2026-35911

Name of the Vulnerable Software and Affected Versions: Ollama for Windows versions 0.12.10 through 0.17.5. Description: Ollama for Windows fails to verify the integrity or authenticity of downloaded update executables. The update verification routine on Windows unconditionally returns success,...

CVSS 7.7 | AI score 6 | EPSS 0.00026
Exploits: 1 | References: 8
Cvelist
added 2026/04/16 12:40 p.m. | 27 views

CVE-2025-15621 Sparx Enterprise Architect Client does not verify the receiver of OAuth2 credentials during OpenID authentication

Insufficiently Protected Credentials in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client does not verify the receiver of OAuth2 credentials during OpenID authentication...

CVSS 5.7 | EPSS 0.0002
Exploits: 0 | References: 1
CNNVD
added 2026/04/16 12:00 a.m. | 6 views

free5GC Security Vulnerability

free5GC is an open-source project for the 5th generation (5G) mobile core network. Versions of free5GC such as 1.4.2 and earlier contain security vulnerabilities. These vulnerabilities stem from the UDR service's handling of traffic affected by subscriptions. After a verification failure, the proce...

CVSS 8.7 | AI score 5.8 | EPSS 0.00034
Exploits: 1 | References: 2
Github Security Blog
added 2026/04/14 12:04 a.m. | 11 views

MinIO has an Unauthenticated Object Write via Missing Signature Verification in Unsigned-Trailer Uploads

Impact: Two authentication bypass vulnerabilities in MinIO's STREAMING-UNSIGNED-PAYLOAD-TRAILER code path allow any user who knows a valid access key to write arbitrary objects to any bucket without knowing the secret key or providing a valid cryptographic signature. Any MinIO deployment is...

CVSS 8.8 | AI score 6 | EPSS 0.00159
Exploits: 0 | References: 5 | Affected Software: 1
OSV
added 2026/04/13 5:40 a.m. | 2 views

BIT-HELM-2026-35205 Helm's plugin verification fails open when .prov is missing, allowing unsigned plugin install

Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, Helm will install plugins missing provenance .prov file when signature verification is required. This vulnerability is fixed in 4.1.4...

CVSS 8.4 | AI score 5.8 | EPSS 0.00019
Exploits: 0 | References: 5
Positive Technologies
added 2026/03/30 12:00 a.m. | 2 views

PT-2026-29097

Name of the Vulnerable Software and Affected Versions: TrueConf versions 8.1.0 through 8.5.2. Description: TrueConf Client downloads application update code and applies it without performing integrity or authenticity verification. An attacker capable of influencing the update delivery path, such as ...

CVSS 7.8 | AI score 6.5 | EPSS 0.02745
Exploits: 2 | References: 89
RedhatCVE
added 2026/03/26 2:59 p.m. | 3 views

CVE-2026-31830

sigstore-ruby is a pure Ruby implementation of the sigstore verify command from the sigstore/cosign project. Prior to 0.2.3, Sigstore::Verifierverify does not propagate the VerificationFailure returned by verifyintoto when the artifact digest does not match the digest in the in-toto attestation...

CVSS 7.5 | AI score 5.8 | EPSS 0.00045
Exploits: 0 | References: 1
Vulnrichment
added 2026/03/18 2:26 a.m. | 8 views

CVE-2026-30884 mdjnelson/moodle-mod_customcert Vulnerable to Authorization Bypass Through User-Controlled Key

mdjnelson/moodle-mod_customcert is a Moodle plugin for creating dynamically generated certificates with complete customization via the web browser. Prior to versions 4.4.9 and 5.0.3, a teacher who holds mod/customcert:manage in any single course can read and silently overwrite certificate elements...

CVSS 9.6 | AI score 5.8 | EPSS 0.00023
Exploits: 0 | References: 3
CNNVD
added 2026/03/18 12:00 a.m. | 4 views

Keycloak Security Vulnerability

Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a security vulnerability, which stems from the SAML proxy endpoint failing to properly verify encrypted assertions. This vulnerability may lead to unauthorized access and information leakage...

CVSS 7.7 | AI score 5.8 | EPSS 0.00105
Exploits: 0 | References: 7
CNNVD
added 2026/03/18 12:00 a.m. | 4 views

Keycloak Security Vulnerability

Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a security vulnerability, which stems from the SAML endpoint not verifying the status of external identity providers. This could lead to bypassing security controls and performing unauthorized...

CVSS 8.1 | AI score 5.8 | EPSS 0.00226
Exploits: 0 | References: 7