4353 matches found
PYSEC-2026-24
Apache Airflow's SMTP provider SmtpHook called Python's smtplib.SMTP.starttls without an SSL context, so no certificate validation was performed on the TLS upgrade. A man-in-the-middle between the Airflow worker and the SMTP server could present a self-signed certificate, complete the STARTTLS...
PT-2026-37108
Name of the Vulnerable Software and Affected Versions CKAN versions prior to 2.10.10 CKAN versions prior to 2.11.5 Description The configured SMTP server may be spoofed using any certificate, such as a self-signed one. This allows for Man-in-the-Middle MITM attacks, where an attacker intercepts...
CVE-2026-40557
Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skiptlsvalidation by default it is...
mitmproxy 注入漏洞
Mitmproxy is an interactive, open-source intercepting proxy that supports SSL/TLS. It comes with a console interface for HTTP/1, HTTP/2, and WebSockets. Versions of Mitmproxy prior to 12.2.1 have a vulnerability due to improper cleanup of usernames during LDAP proxy authentication, which could...
DEBIAN-CVE-2026-32105
xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentication Code MAC signature of encrypted RDP packets when using the "Classic RDP Security" layer. While the sender correctly generates signatures, the receiving logic lacks th...
CVE-2026-32105
xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentication Code MAC signature of encrypted RDP packets when using the "Classic RDP Security" layer. While the sender correctly generates signatures, the receiving logic lacks th...
CVE-2026-32105
xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentication Code MAC signature of encrypted RDP packets when using the "Classic RDP Security" layer. While the sender correctly generates signatures, the receiving logic lacks th...
CVE-2026-32105
xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentication Code MAC signature of encrypted RDP packets when using the "Classic RDP Security" layer. While the sender correctly generates signatures, the receiving logic lacks th...
SUSE CVE-2025-14821
A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH Secure Shell connections, and manipulation of trusted host information, posing a significant risk to the confidentiality, integrity, and availability of SSH communications via an...
CVE-2026-34477
A flaw was found in Apache Log4j Core. A network-based attacker can perform a man-in-the-middle MITM attack, allowing them to intercept encrypted communications. This occurs when an SMTP, Socket, or Syslog appender uses Transport Layer Security TLS with a nested element, and the attacker has a...
pentestfr
Pentest Framework — Kali Linux / VirtualBox Framework Python...
CVE-2026-34872
An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values lack of contributor...
curl: Bypassing Strict SSH Server Verification via Connection Pool Reuse in libcurl
Summary There is a logic flaw in how libcurl manages its connection pool for SSH protocols SFTP/SCP. When evaluating an existing connection for reuse, sshconfigmatches in lib/url.c fails to compare server identity verification policies. By ignoring CURLOPTSSHKNOWNHOSTS, CURLOPTSSHHOSTPUBLICKEYMD5...
AlmaLinux 8 : nginx:1.24 (ALSA-2026:5581)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:5581 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...
n8n's Source Control SSH Configuration Uses StrictHostKeyChecking=no
Impact When the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server could intercept the connection and present a fraudulent host key,...
nginx:1.24 security update
1.24.0-2.0.1 - Remove Red Hat references Orabug: 29498217 1:1.24.0-2 - Resolves: RHEL-146517 - nginx:1.24/nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 1:1.24.0-1 - Resolves: RHEL-14714 - add nginx:1.24 to RHEL 8.10 1:1.22.1-2 - Resolves:...
EulerOS Virtualization 2.12.1 : curl (EulerOS-SA-2026-1421)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl,changing TLS options in one thread would inadvertently change th...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2026-1574)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.12.0 : curl (EulerOS-SA-2026-1478)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl,changing TLS options in one thread would inadvertently change th...
EUVD-2026-10497
Specially crafted ZIP archives can escape the intended extraction directory during Node.js download and extraction in Vaadin 14.2.0 through 14.14.0, 23.0.0 through 23.6.6, 24.0.0 through 24.9.8, and 25.0.0 through 25.0.2. Vaadin’s build process can automatically download and extract Node.js if it...