Lucene search
K

3651 matches found

OSV
OSV
added 2026/03/12 6:51 p.m.23 views

CLSA-2026-1773341470 Update of alt-php

Update ca-certificates database to 20260305: - mozilla\certdata.h,nssckbi.h: Update Mozilla certificate authority bundle of the version 2.84. - The following certificates were added: Certificate "TrustAsia TLS ECC Root CA" Certificate "TrustAsia TLS RSA Root CA" Certificate "SwissSign RSA TLS Roo...

5.8AI score
Exploits0References1
Snyk
Snyk
added 2026/03/12 12:31 a.m.5 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via the the Vault Kubernetes Authentication Provider. An attacker can access sensitive files by specifying tokenpath configuration parameter to any file on the Consul server node that later returned as jwt data and sent t...

7.6CVSS5.9AI score0.00475EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/03/10 9:26 a.m.13 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
OSV
OSV
added 2026/03/04 5:14 p.m.7 views

CLSA-2026-1772644488 Update of ca-certificates

update to CKBI 2.82 from NSS 3.121 - updated certificates: - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Comodo AAA Services root" - Certificate "XRamp Global CA Root" - Certificate "Go Daddy Class 2 CA" - Certificate "Starfield Class...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/04 5:11 p.m.12 views

CLSA-2026-1772644297 Update of ca-certificates

update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Comodo AAA Services root" - Certificate "XRamp Global CA Root" - Certificate "Go Daddy Class 2 CA" - Certificate "Starfield Class...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/04 4:55 p.m.13 views

CLSA-2026-1772643333 Update of nss

update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "ePKI Root Certification Authority" - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Comodo AAA Services root" - Certificate "XRamp Global CA Root" - Certificate "Go...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/04 4:45 p.m.10 views

CLSA-2026-1772642715 Update of alt-php

Update ca-certificates database to 20260129: - mozilla\certdata.h,nssckbi.h: Update Mozilla certificate authority bundle of the version 2.82. - The following certificates were updated: Certificate "GlobalSign Root CA" Certificate "Entrust.net Premium 2048 Secure Server CA" Certificate "Comodo AAA...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/04 9:36 a.m.5 views

SUSE-SU-2026:20652-1 Security update for ca-certificates-mozilla

This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.84 state of Mozilla SSL root CAs bsc1258002 - Removed: - Baltimore CyberTrust Root - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/03/04 8:37 a.m.3 views

SUSE-SU-2026:20696-1 Security update for ca-certificates-mozilla

This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.84 state of Mozilla SSL root CAs bsc1258002 - Removed: - Baltimore CyberTrust Root - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public...

5.8AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/03/02 6:45 a.m.9 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/02/26 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-27586

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, two swallowed errors in ClientAuthentication.provision cause mTLS clie...

9.3CVSS5.8AI score0.00267EPSS
Exploits1References3
OSV
OSV
added 2026/02/25 1:47 p.m.11 views

CLSA-2026-1772027218 Update of ca-certificates

update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Entrust Root Certification Authority" - Certificate "ePKI Root Certification Authority" - Certificate "AffirmTrust Commercial" - Certificate "AffirmTrust Networking"...

5.8AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/25 10:36 a.m.4 views

CVE-2025-67601

A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the –cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s setting cacerts...

8.3CVSS5.3AI score0.00153EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/02/24 8:22 p.m.3 views

Unchecked Return Value

Overview Affected versions of this package are vulnerable to Unchecked Return Value due to improper error handling in the provision function. An attacker can gain unauthorized access by presenting a client certificate signed by any system-trusted certificate authority, bypassing the intended...

9.3CVSS5.9AI score0.00267EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/02/24 8:22 p.m.8 views

Caddy: mTLS client authentication silently fails open when CA certificate file is missing or malformed

Summary Two swallowed errors in ClientAuthentication.provision cause mTLS client certificate authentication to silently fail open when a CA certificate file is missing, unreadable, or malformed. The server starts without error but accepts any client certificate signed by any system-trusted CA,...

9.3CVSS5.5AI score0.00267EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2026/02/24 5:29 p.m.6 views

UBUNTU-CVE-2026-27586

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, two swallowed errors in ClientAuthentication.provision cause mTLS client certificate authentication to silently fail open when a CA certificate file is missing, unreadable, or malformed. The server starts...

9.3CVSS5.8AI score0.00267EPSS
Exploits1References5
OSV
OSV
added 2026/02/24 4:8 p.m.4 views

CVE-2026-27586 Caddy's mTLS client authentication silently fails open when CA certificate file is missing or malformed

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, two swallowed errors in ClientAuthentication.provision cause mTLS client certificate authentication to silently fail open when a CA certificate file is missing, unreadable, or malformed. The server starts...

9.3CVSS5.6AI score0.00267EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/02/24 4:8 p.m.19 views

CVE-2026-27586 Caddy's mTLS client authentication silently fails open when CA certificate file is missing or malformed

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, two swallowed errors in ClientAuthentication.provision cause mTLS client certificate authentication to silently fail open when a CA certificate file is missing, unreadable, or malformed. The server starts...

9.3CVSS0.00267EPSS
Exploits1References3
CVE
CVE
added 2026/02/24 4:8 p.m.22 views

CVE-2026-27586

Summary (CVE-2026-27586): Caddy prior to 2.11.1 has two swallowed errors in ClientAuthentication.provision() that cause mTLS client authentication to silently fail open when the CA certificate file is missing, unreadable, or malformed. The server starts and accepts client certs signed by any syst...

9.3CVSS5.5AI score0.00267EPSS
Exploits1References3Affected Software1
AlpineLinux
AlpineLinux
added 2026/02/24 4:8 p.m.4 views

CVE-2026-27586

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, two swallowed errors in ClientAuthentication.provision cause mTLS client certificate authentication to silently fail open when a CA certificate file is missing, unreadable, or malformed. The server starts...

9.3CVSS5.5AI score0.00267EPSS
Exploits1
Rows per page
Query Builder