Lucene search
K

147 matches found

Snyk
Snyk
added 2026/07/03 8:18 a.m.5 views

Authentication Bypass by Primary Weakness

Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness due to incomplete matching of mTLS configuration options during connection reuse in the connection process. An attacker can cause connections to be reused with incorrect client certificate...

9.3CVSS6.1AI score0.00368EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-53918

Name of the Vulnerable Software and Affected Versions Nightingale n9e versions prior to 9.0.0-beta.2 Description Authenticated users with low privileges Standard role can access full datasource configurations through the 'POST /api/n9e/datasource/list' endpoint. This occurs because the route lack...

7.1CVSS5.9AI score0.00238EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/26 1:14 a.m.8 views

EUVD-2026-39613

A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

5.4CVSS6.2AI score0.00256EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 1:14 a.m.43 views

CVE-2026-48928

A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

4.2CVSS0.00256EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.8 views

libcurl 7.7 < 8.21.0 Incomplete mTLS Config Matching in Connection Reuse

The version of libcurl installed on the remote host is 7.7 prior to 8.21.0. It is, therefore, affected by an improper certificate validation vulnerability: - libcurl would reuse a previously created connection even when some mTLS config related option had been changed that should have prohibited...

7.5CVSS6.2AI score0.00368EPSS
Exploits1References2
curl security advisories
curl security advisories
added 2026/06/24 8:0 a.m.30 views

incomplete mTLS config matching in conn reuse

libcurl would reuse a previously created connection even when some mTLS config related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, some TLS...

7.5CVSS5.8AI score0.00368EPSS
Exploits1References1Affected Software2
Vulnrichment
Vulnrichment
added 2026/06/23 7:13 p.m.18 views

CVE-2026-53622 Traefik: HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case hosts

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 QUIC TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. When HTTP/3 is enabled on an entrypoint, the TLS handshake...

7.8CVSS5.9AI score0.0024EPSS
Exploits1References2
CVE
CVE
added 2026/06/23 7:13 p.m.17 views

CVE-2026-53622

CVE-2026-53622 concerns Traefik’s HTTP/3 (QUIC) TLS configuration selection. When HTTP/3 is enabled, the TLS handshake uses an exact, case-sensitive lookup of the SNI to choose a TLS config, which fails to match wildcard hosts or mixed-case hostnames. If a router enforces mTLS via TLSOptions and ...

10CVSS5.9AI score0.0024EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-48928

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release line...

5.4CVSS6.7AI score0.00256EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/18 5:22 p.m.21 views

@acastellon/auth: Authentication bypass via spoofable headers in validateToken()

@acastellon/auth v2.2.0 appears to allow an unauthenticated authentication bypass in validateToken through spoofable auth-user and Host request headers. The validateToken middleware contains a service-to-service bypass for auth-user: service-brother when req.get'host'.startsWithgetHostName. Both...

8.7CVSS5.5AI score0.00543EPSS
Exploits0References4Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/02 12:0 a.m.8 views

Security update for rqlite (important)

openSUSE security update: security update for rqlite ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20854-1 Rating: important References: bsc1265706 bsc1266544 Cross-References: CVE-2026-33814 CVE-2026-39821 CVSS scores: CVE-2026-33814 SUSE : 7.5...

9.1CVSS5.8AI score0.00781EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/28 3:58 a.m.18 views

SUSE CVE-2026-42789

Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP publickey pubkeycert module allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery. In lib/publickey/src/pubkeycert.erl, pubkeycert:validateextensions/7 contains two...

7.4CVSS5.9AI score0.00322EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/13 7:24 p.m.5 views

CVE-2026-4837

An eval injection vulnerability in the Rapid7 Insight Agent beaconing logic for Linux versions could theoretically allow an attacker to achieve remote code execution as root via a crafted beacon response. Because the Agent uses mutual TLS mTLS to verify commands from the Rapid7 Platform, it is...

7.2CVSS6.5AI score0.0041EPSS
Exploits0References1
OSV
OSV
added 2026/03/26 2:16 p.m.7 views

DEBIAN-CVE-2026-33343

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, an authenticated user with RBAC restricted permissions on key ranges can use nested transactions to bypass all key-level authorization. This allows any authenticated user with...

6.5CVSS5.4AI score0.0021EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/26 2:16 p.m.4 views

CVE-2026-33343

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, an authenticated user with RBAC restricted permissions on key ranges can use nested transactions to bypass all key-level authorization. This allows any authenticated user with...

6.5CVSS5.9AI score0.0021EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/26 12:0 a.m.3 views

Traefik < 2.11.41 / 3.x < 3.6.11 Multiple Vulnerabilities

The version of Traefik installed on the remote macOS host is prior to 2.11.41 or 3.x prior to 3.6.11. It is, therefore, affected by multiple vulnerabilities: - mTLS bypass through the TLS SNI pre-sniffing logic related to fragmented ClientHello packets. When a TLS ClientHello is fragmented across...

8.3CVSS6.4AI score0.00405EPSS
Exploits0References4
CVE
CVE
added 2026/03/25 8:18 p.m.13 views

CVE-2026-33248

NATS-Server has an authentication bypass vulnerability in mTLS verify_and_map where certain RDN patterns in the client certificate Subject DN were not correctly enforced. A valid certificate from a trusted CA could bypass identity checks on versions prior to 2.11.15 and 2.12.6. The issue is consi...

4.2CVSS5.8AI score0.00143EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/03/24 9:51 p.m.3 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation through the RDNsMatch LDAP DN matching function in the internal/ldap component. An attacker can impersonate a trusted client and gain unauthorized access by presenting a certificate with a different set o...

4.8CVSS5.7AI score0.00143EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/03/20 10:1 a.m.5 views

CVE-2026-32305

Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 are vulnerable to mTLS bypass through the TLS SNI pre-sniffing logic related to fragmented ClientHello packets. When a TLS ClientHello is fragmented across multiple records,...

7.8CVSS5.8AI score0.00405EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/20 3:37 a.m.2 views

CVE-2026-32941 Sliver Vulnerable to Authenticated OOM via Memory Exhaustion in mTLS/WireGuard Transports

Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM Out-of-Memory vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an...

7.1CVSS5.8AI score0.00298EPSS
Exploits1References1
Rows per page
Query Builder