Lucene search
K

7 matches found

EUVD
EUVD
added 5 days ago8 views

EUVD-2026-41207

Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design e.g. 'issue "letsencrypt.org"' without parameters. On Universal SSL zones,...

7.6CVSS5.7AI score0.00135EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 6 days ago9 views

CVE-2026-14440 Cloudflare Universal SSL automatically managed CAA RRset supersedes customer-configured CAA records

Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design e.g. 'issue "letsencrypt.org"' without parameters. On Universal SSL zones,...

7.6CVSS5.7AI score0.00135EPSS
Exploits0References4
CVE
CVE
added 6 days ago17 views

CVE-2026-14440

Summary: CVE-2026-14440 concerns Cloudflare’s Universal SSL: automatic, permissive CAA RRset management on Universal SSL zones supersedes customer CAA records. When customers push stricter CAA via RFC 8657 accounturi or validationmethods, CAs do not observe those parameters during RFC 8659 evalua...

7.6CVSS5.7AI score0.00135EPSS
Exploits0References8
The Hacker News
The Hacker News
added 2020/03/04 10:54 a.m.4 views

Let's Encrypt Revoking 3 Million TLS Certificates Issued Incorrectly Due to a Bug

The most popular free certificate signing authority Let's Encrypt is going to revoke more than 3 million TLS certificates within the next 24 hours that may have been issued wrongfully due to a bug in its Certificate Authority software. The bug, which Let's Encrypt confirmed on February 29 and was...

5.8AI score
Exploits0
OSV
OSV
added 2019/08/01 2:15 p.m.4 views

CVE-2018-20892

cPanel before 74.0.0 allows arbitrary zone file modifications because of incorrect CAA record handling SEC-439...

4.3CVSS5.9AI score0.00633EPSS
Exploits0References2
Hacker One
Hacker One
added 2018/09/16 6:34 a.m.60 views

HackerOne: Missing Certificate Authority Authorization rule

Certificate Authority Authorization supported by LetsEncrypt and other CAs allows a domain owner to specify which Certificate Authorities should be allowed to issue certificates for the domain. All CAA-compliant certificate authorities should refuse to issue a certificate unless they are the CA o...

0.7AI score
Exploits0
Hacker One
Hacker One
added 2017/08/17 4:53 a.m.166 views

Gratipay: Missing Certificate Authority Authorization rule

Hi Team, Summary Certificate Authority Authorization supported by LetsEncrypt and other CAs allows a domain owner to specify which Certificate Authorities should be allowed to issue certificates for the domain. All CAA-compliant certificate authorities should refuse to issue a certificate unless...

0.6AI score
Exploits0
Rows per page
Query Builder