node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance

A flaw was found in Forge also known as node-forge, a JavaScript implementation of Transport Layer Security TLS. The pki.verifyCertificateChain function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extension...

PT-2026-43437

Name of the Vulnerable Software and Affected Versions Samba affected versions not specified Description A flaw exists in the vfs worm module, which is designed to provide write-once, read-many WORM protections by preventing file modifications after a specific grace period. Due to insufficient...

PT-2026-43439

Name of the Vulnerable Software and Affected Versions ctdb versions prior to 4.23.8+git.477.f78166bceed-1.1 Description A denial of service issue exists against the AD DC WINS server. Recommendations Update to version 4.23.8+git.477.f78166bceed-1.1...

PT-2026-41395

Name of the Vulnerable Software and Affected Versions epa4all-client versions prior to 1.2.2 Description An attacker positioned on the network path between the ePA service and the Konnektor can present any TLS certificate, such as self-signed, expired, or those with an incorrect Common Name CN, t...

CVE-2026-29140

CVE-2026-29140 affects SEPPmail Secure Email Gateway prior to version 15.0.3. The issue allows an attacker to cause attacker-controlled certificates to be used for future encryption on a victim by inserting those certificates into S/MIME signatures. The root cause is not explicitly broken out bey...

Exploit for Improper Certificate Validation in Microsoft

CVE-2022-26923 – Certifried Exploit AD CS Abuse Automatisat...

CVE-2025-61729

Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...

SUSE CVE-2025-65495

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

CVE-2025-59353 Manager generates mTLS certificates for arbitrary IP addresses

Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, a peer can obtain a valid TLS certificate for arbitrary IP addresses, effectively rendering the mTLS authentication useless. The issue is that the Manager’s Certificate gRPC service does not...

Linux Distros Unpatched Vulnerability : CVE-2016-2422

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not prevent use of a Wi-Fi CA certificate in an...

Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates

A previously undocumented threat cluster has been linked to a software supply chain attack targeting organizations primarily located in Hong Kong and other regions in Asia. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under its insect-themed moniker Carderbee. The...

CVE-2022-48307

It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack...

SUSE CVE-2021-41990

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...

Tootdon for Mastodon Trust Management Issue Vulnerability

Tootdon for Mastodon is a social application for Mastodon. A vulnerability with trust management issues exists in Tootdon for Mastodon 3.4.1 and earlier versions Android. The vulnerability stems from the lack of an effective trust management mechanism in a networked system or product. An attacker...

strongSwan GMP Plugin Buffer Overflow Vulnerability

strongSwan is an open source IPsec-based VPN solution for Linux maintained by Swiss software developer Andreas Steffen. The solution includes X.509 public key certificates, secure storage of private keys, smart cards and other authentication mechanisms. gmp plugin is one of the plug-ins. A buffer...

Covert Data Channel in TLS Dodges Network Perimeter Protection

Researchers have released a proof-of-concept framework for a new covert channel for data exchange using the Transport Layer Security TLS protocol. The method exploits the public key certificate standard X.509 and could allow for post-intrusion C2 communication and data exfiltration to go unnotice...

Assessing Weaknesses in Public Key Infrastructure

Spreading malware with a legitimate digital certificate is an adversary’s dream come true, with plenty of successful examples tracing back to nation-state attacks such as Stuxnet and Flame, and other misuse that crops up on a regular basis. For a group of University of Maryland researchers, the...

Intel Crosswalk Man-in-the-Middle Attack Vulnerability

Intel Crosswalk is the United States Intel Intel company's set of Web engines. A man-in-the-middle attack vulnerability exists in Intel Crosswalk because the program fails to properly validate X.509 certificates. An attacker can exploit this vulnerability with a specially crafted certificate to...

IBM WebSphere eXtreme Scale Certificate Brute Force Breach Vulnerability

IBM WebSphere eXtreme Scale is a distributed caching solution. IBM WebSphere Extreme Scale failed to properly set up user logout functionality, allowing remote attackers to exploit a vulnerability to brute-force account credentials...

smack: MitM vulnerability

It was found that SSLSocket in Smack did not perform hostname verification. An attacker could redirect traffic between an application and an XMPP server by providing a valid certificate for a domain under the attacker's control...