CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

240 matches found

Cvelist•added 2026/06/09 4:3 p.m.•28 views

CVE-2026-42769 Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...

0.00262EPSS

Exploits0References5

CVE•added 2026/06/09 4:3 p.m.•35 views

CVE-2026-42769

Summary: CVE-2026-42769 arises from an error in the CMP Root CA key rollover verification in OpenSSL. A typo in the certificate chain building code caused the verifier to add the wrong certificate ("newWithOld" instead of the intended "oldRoot") to the chain, rendering the verification ineffectiv...

5.3CVSS5.7AI score0.00262EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/06/09 12:0 a.m.•12 views

PT-2026-47839

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description An error in the callback used to verify certificates during a Root CA key update in the Certificate Management Protocol CMP renders certificate validation ineffectual. Specifically, a typo in...

9.1CVSS5.8AI score0.00684EPSS

Exploits0References100

Circl•added 2026/04/09 3:55 a.m.•4 views

CVE-2026-4901

creationtimestamp| type| source ---|---|--- 2026-04-09 03:55:00+00:00| seen| https://cert.pl/en/posts/2026/04/CVE-2026-4901/ 2026-04-09 11:16:38+00:00| seen| Telegram/nE1gVyn8jRxbZ-OhSUewb4fvVZDT-qjlGTvhk8YiMctdMk 2026-04-09 12:27:44+00:00| seen|...

6.9CVSS5.3AI score0.00259EPSS

Exploits0References2

Circl•added 2026/03/19 12:0 a.m.•5 views

CVE-2023-53168

creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

5.5CVSS5.7AI score0.00143EPSS

Exploits0References1

OSV•added 2026/02/25 1:47 p.m.•7 views

CLSA-2026-1772027218 Update of ca-certificates

update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Entrust Root Certification Authority" - Certificate "ePKI Root Certification Authority" - Certificate "AffirmTrust Commercial" - Certificate "AffirmTrust Networking"...

5.8AI score

Exploits0References1

GithubExploit•added 2026/02/21 9:35 a.m.•177 views

Exploit for Improper Certificate Validation in Microsoft

CVE-2022-26923 – Certifried Exploit AD CS Abuse Automatisat...

9CVSS5.6AI score0.83277EPSS

Exploits8

ATTACKERKB•added 2026/02/20 11:8 p.m.•5 views

CVE-2018-2250

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none...

5.5AI score

Exploits0References1

OSV•added 2026/02/14 11:42 p.m.•7 views

CLSA-2026-1771112524 Update of alt-php

Update ca-certificates database to 20260129: - mozilla\certdata.h,nssckbi.h: Update Mozilla certificate authority bundle of the version 2.82. - The following certificates were updated: Certificate "GlobalSign Root CA" Certificate "Entrust.net Premium 2048 Secure Server CA" Certificate "Comodo AAA...

5.8AI score

Exploits0References1

Circl•added 2025/12/03 2:14 p.m.•2 views

CVE-2022-49766

creationtimestamp| type| source ---|---|--- 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

5.5CVSS6.1AI score0.0014EPSS

Exploits0References2

Circl•added 2025/12/03 2:14 p.m.•5 views

CVE-2025-39770

5.5CVSS6.6AI score0.00144EPSS

Exploits0References3