Lucene search
K

187 matches found

NVD
NVD
added yesterday4 views

CVE-2026-12374

Improper certificate validation and a time-of-check time-of-use TOCTOU race condition in the PrivilegedHelperTool XPC service in Cato Client before v.5.13.1 on macOS allows a local authenticated attacker to escalate privileges to root via a self-signed certificate that bypasses the XPC caller...

7.3CVSS
Exploits0References1
RedHat Linux
RedHat Linux
added 3 days ago5 views

gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...

7.1CVSS5.8AI score0.00354EPSS
Exploits0References5
Nuclei
Nuclei
added 6 days ago7 views

Check Point IKEv1 Remote-Access VPN - Certificate Authentication Bypass

IKEv1 key exchange contains a broken authentication caused by logic flow weakness in Remote Access and Mobile Access certificate validation, letting unauthenticated remote attackers bypass user authentication and establish VPN connections without valid passwords, exploit requires use of deprecate...

9.3CVSS6.1AI score0.71051EPSS
Exploits5References3
Cvelist
Cvelist
added 6 days ago38 views

CVE-2026-48934

A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

4.3CVSS0.00258EPSS
Exploits0References1
CVE
CVE
added 6 days ago19 views

CVE-2026-48934

CVE-2026-48934 affects Node.js releases 22, 24, and 26. The described flaw enables TLS host identity verification bypass when a session is reused with a different servername, leading to possible unauthorized connections . Advisories (SUSE/OpenSUSE) indicate a patch in the nodejs26-26.3.1-1.1 pack...

4.3CVSS6.6AI score0.00258EPSS
Exploits0References1Affected Software1
NVD
NVD
added last week7 views

CVE-2026-7532

iPAddress name constraints bypass when WOLFSSLIPALTNAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints...

7.5CVSS0.00133EPSS
Exploits0References3
Cvelist
Cvelist
added last week20 views

CVE-2026-7532 iPAddress name constraints not enforced when WOLFSSL_IP_ALT_NAME is undefined

iPAddress name constraints bypass when WOLFSSLIPALTNAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints...

5.7CVSS0.00133EPSS
Exploits0References2
OSV
OSV
added 2026/06/20 6:52 a.m.2 views

SUSE-SU-2026:22193-1 Security update for mcphost

This update for mcphost fixes the following issues - CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267109. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...

10CVSS5.9AI score0.00781EPSS
Exploits0References25
Github Security Blog
Github Security Blog
added 2026/06/18 2:28 p.m.9 views

undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent

Impact undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servername...

7.4CVSS5.9AI score0.00375EPSS
Exploits0References4Affected Software1
Microsoft Secure
Microsoft Secure
added 2026/06/18 3:43 a.m.26 views

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

In this article 1. Attack chain overview 1. Discovery and initial indicators 2. Dependency injection: the poisoned package.json 3. Typosquat analysis: easy-day-js 4. Staged delivery pattern 5. Obfuscation and payload analysis 6. TLS bypass to self-deletion 7. Timeline analysis 2. Who is Sapphire...

6.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/16 4:53 p.m.6 views

Important: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS5.9AI score0.01335EPSS
Exploits2References14
RedHat Linux
RedHat Linux
added 2026/06/09 11:19 a.m.16 views

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.9CVSS7.1AI score0.02907EPSS
Exploits10References19
CheckPoint Security
CheckPoint Security
added 2026/06/07 12:0 a.m.31 views

CVE-2026-50752 - VPN site to site certificate bypass vulnerability in deprecated IKEv1 key exchange

Symptoms - A vulnerability in the certificate validation logic of the deprecated IKEv1 key exchange method may lead to a man-in-the-middle attack on the VPN site-to-site configuration. This vulnerability was discovered by Check Point security research team. There are no reported exploits of this...

7.4CVSS6.1AI score0.04859EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.9 views

RockyLinux 10 : golang-github-openprinting-ipp-usb (RLSA-2026:19144)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19144 advisory. crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application CVE-2026-33810 golang:...

8.8CVSS7.3AI score0.00621EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/06/01 7:53 a.m.7 views

CVE-2026-49267 Apache Airflow: No certificate validation on SMTP STARTTLS connections

Apache Airflow's EmailOperator and the underlying airflow.utils.email helpers established SMTP STARTTLS connections without verifying the remote certificate when the deployment used email smtpstarttls=True without email smtpssl. An attacker positioned between the worker and the configured SMTP...

5.9AI score0.00185EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/05/29 4:3 p.m.22 views

golang-github-openprinting-ipp-usb security update

An update is available for golang-github-openprinting-ipp-usb. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list HTTP reverse proxy, backed by IPP-over-USB...

8.8CVSS5.8AI score0.00621EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.12 views

PT-2026-44799

Name of the Vulnerable Software and Affected Versions OpenShift Router affected versions not specified Description A flaw in the HTTP frontend occurs when a Route has the insecureEdgeTerminationPolicy set to Allow. In this configuration, the router fails to remove X-SSL-Client- headers from...

7.5CVSS5.5AI score0.0023EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/05/26 2:12 p.m.11 views

CVE-2026-32253

Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because of how OpenSSL verification results are handled. In src/crypto.cpp, the custom verify callback treats X509VERRUNABLETOGETISSUERCERTLOCALLY,...

9.8CVSS5.7AI score0.00291EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/05/26 12:55 p.m.18 views

Apache Tomcat: Apache Tomcat: Authentication bypass due to CLIENT_CERT soft fail misconfiguration

A flaw was found in Apache Tomcat and Apache Tomcat Native. When CLIENTCERT authentication is configured with "soft fail" disabled, the authentication process may not correctly fail in certain scenarios. This vulnerability could allow an attacker to bypass expected client certificate...

9.1CVSS5.8AI score0.00715EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/22 5:7 p.m.15 views

CVE-2026-32253

Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because of how OpenSSL verification results are handled. In src/crypto.cpp, the custom verify callback treats X509VERRUNABLETOGETISSUERCERTLOCALLY,...

9.8CVSS5.7AI score0.00291EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder