Lucene search
K

61 matches found

RedhatCVE
RedhatCVE
added 2026/06/24 7:25 a.m.7 views

CVE-2026-48491

A flaw was found in Traefik, an HTTP reverse proxy and load balancer. This vulnerability allows an unauthenticated client to bypass mutual Transport Layer Security TLS enforcement, a security measure that verifies both client and server identities. The bypass occurs due to an issue in Traefik's...

10CVSS5.8AI score0.00245EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/23 7:12 p.m.37 views

CVE-2026-48491 Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass

Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection SNICheck that allows an unauthenticated client to bypass mutual TLS enforced through wildcard router TLSOptions. When a router uses a wildcard...

7.8CVSS0.00245EPSS
Exploits1References2
CVE
CVE
added 2026/06/23 7:12 p.m.12 views

CVE-2026-48491

CVE-2026-48491 (Traefik) describes a high-severity vulnerability in Traefik 3.7.0–3.7.3 where SNICheck ignores wildcard TLSOptions mappings. An unauthenticated client can complete a TLS handshake with a permissive SNI on the same entrypoint and then send a Host header targeting a wildcard-protect...

10CVSS5.9AI score0.00245EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/23 7:12 p.m.4 views

CVE-2026-48491 Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass

Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection SNICheck that allows an unauthenticated client to bypass mutual TLS enforced through wildcard router TLSOptions. When a router uses a wildcard...

7.8CVSS5.9AI score0.00245EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/06/23 7:12 p.m.5 views

CVE-2026-48491

Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection SNICheck that allows an unauthenticated client to bypass mutual TLS enforced through wildcard router TLSOptions. When a router uses a wildcard...

10CVSS5.8AI score0.00245EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/06/16 7:2 p.m.79 views

Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass

Summary There is a high severity vulnerability in Traefik's domain-fronting protection SNICheck that allows an unauthenticated client to bypass mutual TLS enforced through wildcard router TLSOptions. When a router uses a wildcard host rule such as Host.example.com with stricter TLS options for...

10CVSS5.1AI score0.00245EPSS
Exploits1References3Affected Software1
Snyk
Snyk
added 2026/06/16 7:2 p.m.4 views

Authentication Bypass Using an Alternate Path or Channel

Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the SNICheck process. An attacker can gain unauthorized access to protected backends by completing a TLS handshake using a permissive SNI and then sending an HTTP Host header...

10CVSS6AI score0.00245EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.16 views

PT-2026-50143

Name of the Vulnerable Software and Affected Versions Traefik versions 3.7.0 through 3.7.2 Description An issue in the SNICheck domain-fronting protection allows an unauthenticated client to bypass mutual TLS mTLS enforced through wildcard router TLSOptions. When a router uses a wildcard host rul...

10CVSS5.2AI score0.00245EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.5 views

Mozilla Firefox < 63.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 63.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-26 advisory. - When manipulating user events in nested loops while opening a document through script, it is possible to...

9.8CVSS7.6AI score0.03924EPSS
Exploits0References15
NCSC
NCSC
added 2025/11/07 10:7 a.m.18 views

Vulnerabilities fixed in Fortinet FortiOS and FortiProxy

Fortinet has fixed vulnerabilities in FortiOS and FortiProxy. The vulnerabilities include a stack-based buffer overflow that allows authenticated attackers to execute unauthorized code via specially crafted CLI commands. In addition, there are issues with incorrect certificate validation that all...

7.8CVSS7.3AI score0.00398EPSS
Exploits2References6
RedhatCVE
RedhatCVE
added 2025/10/15 3:47 p.m.9 views

CVE-2025-25255

An Improperly Implemented Security Check for Standard vulnerability CWE-358 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.11, FortiProxy 7.2 all versions, FortiProxy 7.0.1 through 7.0.22 may allow an unauthenticated proxy user ...

5.3CVSS6.7AI score0.00398EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.15 views

Fortinet Fortigate Domain fronting protection bypass in explicit web proxy (FG-IR-24-372)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-372 advisory. - An Improperly Implemented Security Check for Standard vulnerability CWE-358 in FortiProxy 7.6.0 through 7.6.3, 7.4 all...

5.3CVSS5.7AI score0.00398EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/14 6:30 p.m.8 views

EUVD-2025-34236

An Improperly Implemented Security Check for Standard vulnerability CWE-358 in FortiProxy 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0.1 through 7.0.21, and FortiOS 7.6.0 through 7.6.3 explicit web proxy may allow an authenticated proxy user to bypass the domain fronting protectio...

6.2AI score0.00398EPSS
Exploits1References2
NVD
NVD
added 2025/10/14 4:15 p.m.9 views

CVE-2025-25255

An Improperly Implemented Security Check for Standard vulnerability CWE-358 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.11, FortiProxy 7.2 all versions, FortiProxy 7.0.1 through 7.0.22 may allow an unauthenticated proxy user ...

5.3CVSS0.00398EPSS
Exploits1References1
OSV
OSV
added 2025/10/14 4:15 p.m.3 views

CVE-2025-25255

An Improperly Implemented Security Check for Standard vulnerability CWE-358 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.11, FortiProxy 7.2 all versions, FortiProxy 7.0.1 through 7.0.22 may allow an unauthenticated proxy user ...

4.3CVSS5.8AI score0.00398EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/10/14 3:23 p.m.14 views

CVE-2025-25255

An Improperly Implemented Security Check for Standard vulnerability CWE-358 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.11, FortiProxy 7.2 all versions, FortiProxy 7.0.1 through 7.0.22 may allow an unauthenticated proxy user ...

5.3CVSS0.00398EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/10/14 3:23 p.m.5 views

CVE-2025-25255

An Improperly Implemented Security Check for Standard vulnerability CWE-358 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.11, FortiProxy 7.2 all versions, FortiProxy 7.0.1 through 7.0.22 may allow an unauthenticated proxy user ...

5.3CVSS6.2AI score0.00398EPSS
Exploits1References1
CVE
CVE
added 2025/10/14 3:23 p.m.20 views

CVE-2025-25255

The CVE-2025-25255 entry describes an Improperly Implemented Security Check for Standard vulnerability (CWE-358) in Fortinet FortiOS 7.6.0–7.6.3 and FortiProxy 7.6.0–7.6.3, FortiProxy 7.4.0–7.4.11, FortiProxy 7.2 all versions, and FortiProxy 7.0.1–7.0.22. The issue allows an unauthenticated proxy...

5.3CVSS6.2AI score0.00398EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.9 views

PT-2025-41949

Name of the Vulnerable Software and Affected Versions FortiProxy versions 7.0.1 through 7.0.21 FortiProxy versions 7.2 all versions FortiProxy versions 7.4 all versions FortiProxy versions 7.6.0 through 7.6.3 Description An improperly implemented security check may allow an authenticated proxy us...

6.5AI score0.00398EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-4369

Malware in sbrugna...

7.5CVSS8.6AI score0.02851EPSS
Exploits0References17
Rows per page
Query Builder