9972 matches found
PT-2026-31327
Name of the Vulnerable Software and Affected Versions Rapid7 Insight Agent versions affected versions not specified Description A flaw exists in the beaconing logic of the Rapid7 Insight Agent for Linux, potentially allowing an attacker to execute code remotely as root through a crafted beacon...
MCP-DPT: A Defense-Placement Taxonomy and Coverage Analysis for Model Context Protocol Security
The Model Context Protocol MCP enables large language models LLMs to dynamically discover and invoke third-party tools, significantly expanding agent capabilities while introducing a distinct security landscape. Unlike prompt-only interactions, MCP exposes pre-execution artifacts, shared context,...
OpenSSL Toolkit 3.0.20
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.0 LTS release...
OpenSSL Toolkit 3.3.7
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.3 release...
OpenSSL Toolkit 3.4.5
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.4 release...
OpenSSL Toolkit 3.6.2
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.6 release...
OpenSSL Toolkit 3.5.6
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.5 LTS release...
GO-2026-4870 Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls
If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3...
Allocation of Resources Without Limits or Throttling
Overview std/crypto/tls is a Go standard library package std/crypto/tls Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: If one side of the TLS connection sends multiple key update messages post-handshake in a singl...
CVE-2026-34582
Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by a client which...
CVE-2026-34582
Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by a client which...
UBUNTU-CVE-2026-34582
Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by a client which...
Improper Enforcement of Behavioral Workflow
Overview Affected versions of this package are vulnerable to Improper Enforcement of Behavioral Workflow in the TLS 1.3 implementation, which processes ApplicationData records before receiving the Finished message. An attacker can bypass certificate-based client authentication by omitting the...
CVE-2026-34582
Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by a client which...
EUVD-2026-19948
Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by a client which...
CVE-2026-34582 Botan has a TLS 1.3 certificate authentication bypass
Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by a client which...
CVE-2026-34582
Botan TLS 1.3 vulnerability (CVE-2026-34582) affects Botan prior to 3.11.1, where ApplicationData records could be processed before the TLS Finished message, allowing bypass of client authentication via certificates. Affected: Botan before 3.11.1. Mitigation: upgrade to Botan 3.11.1 or later (sec...
CVE-2026-34582
Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by a client which...
CVE-2026-39312
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 and likely earlier versions of Developer Edition. An unauthenticated remote attacker can cra...
CVE-2026-39312 Pre-Auth EAP-TLS DoS on SoftEther VPN Developer Edition
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 and likely earlier versions of Developer Edition. An unauthenticated remote attacker can cra...