Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded yesterday5 views

CVE-2026-42789

A flaw was found in Erlang OTP's publickey module. This vulnerability CWE-295, related to improper certificate validation, allows a non-Certificate Authority CA certificate to be accepted as an intermediate issuer. A remote attacker, holding an end-entity certificate issued by a trusted CA, can...

8CVSS5.8AI score0.00037EPSS
Exploits0References9
Cvelist
Cvelistadded 2026/04/10 3:7 a.m.29 views

CVE-2026-5501 Improper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf Certificates

wolfSSLX509verifycert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints CA:FALSE that is legitimately signed by a trusted root. An attacker who obtains any leaf...

8.6CVSS0.00023EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/10 3:7 a.m.1 views

CVE-2026-5501 Improper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf Certificates

wolfSSLX509verifycert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints CA:FALSE that is legitimately signed by a trusted root. An attacker who obtains any leaf...

8.6CVSS5.9AI score0.00023EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2026/04/09 11:26 p.m.1 views

SUSE CVE-2026-33753

rfc3161-client is a Python library implementing the Time-Stamp Protocol TSP described in RFC 3161. Prior to 1.0.6, an Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority TSA. By exploiting a logic flaw i...

7.5CVSS5.8AI score0.0001EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/04/08 2:54 p.m.4 views

CVE-2026-33753 Improper Certificate Validation in rfc3161-client

rfc3161-client is a Python library implementing the Time-Stamp Protocol TSP described in RFC 3161. Prior to 1.0.6, an Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority TSA. By exploiting a logic flaw i...

6.2CVSS5.9AI score0.0001EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2026/04/08 12:0 a.m.1 views

PT-2026-31325

Name of the Vulnerable Software and Affected Versions rfc3161-client versions prior to 1.0.6 Description An authorization bypass issue exists in rfc3161-client's signature verification. An attacker can impersonate a trusted TimeStamping Authority TSA by exploiting a flaw in how the library extrac...

6.2CVSS5.8AI score0.0001EPSS
Exploits1References11
Anthropic
Anthropicadded 2026/03/29 8:42 p.m.4 views

ANT-2026-K8YY7WWS · wolfSSL · improper-cert-validation

improper-cert-validation high CVE-2026-5501 Severity Claude high · Security research firm high · Maintainer - Discovered by Claude Mythos Preview SECURITY RESEARCH FIRM ANALYSIS Triage and disclosure were performed by Calif. The writeup below is the document the firm sent to the maintainer...

8.6CVSS5.8AI score0.00023EPSS
Exploits0
Rows per page
Query Builder