509 matches found

EUVD, added 2026/05/13 6:30 p.m., 1 view

EUVD-2026-30042

aria2c accepts a server certificate with an incorrect Extended Key Usage (EKU). If attackers compromise a certificate and its associated private key that were issued for a different purpose, they may be able to reuse it for TLS server authentication...

CVSS 4.8 | AI score 5.8 | EPSS 0.00021
Exploits: 0 | References: 2
EUVD, added 2026/05/13 6:30 p.m., 3 views

EUVD-2026-29931

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it fails to detect OCSP problems and instead wrongly considers the response as fine...

CVSS 5.3 | AI score 5.8 | EPSS 0.00013
Exploits: 1 | References: 5
CNNVD, added 2026/05/13 12:00 a.m., 4 views

curl security vulnerability

curl is an open-source tool developed by the cURL project for transferring data from or to a server. There is a security vulnerability in curl that stems from a failure to detect problems in stapled OCSP responses. This failure may lead to an incorrect assumption that the server's certificate is valid...

CVSS 5.3 | AI score 5.8 | EPSS 0.00013
Exploits: 1 | References: 1
OSV, added 2026/04/29 9:16 p.m., 0 views

UBUNTU-CVE-2026-1858

wget2 accepts a server certificate with an incorrect Key Usage (KU) or Extended Key Usage (EKU). If attackers compromise a certificate and its associated private key that were issued for a different purpose, they may be able to reuse it for TLS server authentication...

CVSS 4.8 | AI score 5.8 | EPSS 0.00011
Exploits: 1 | References: 2
AlpineLinux, added 2026/04/29 8:15 p.m., 2 views

CVE-2026-1858

wget2 accepts a server certificate with an incorrect Key Usage (KU) or Extended Key Usage (EKU). If attackers compromise a certificate and its associated private key that were issued for a different purpose, they may be able to reuse it for TLS server authentication...

CVS 4.8 | AI score 5.8 | EPSS 0.00011
Exploits: 1 | References: 1
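The aria2c and wget2 entries above describe a client that checks the chain but not what the certificate was issued for. The Go program below is an added example written for this page, not code from aria2c, wget2 or curl: it builds a throwaway CA with the standard library and shows the two checks a TLS client needs on top of chain validation. x509.Verify with KeyUsages set to serverAuth rejects a leaf whose EKU only names clientAuth, and an explicit Key Usage check catches a leaf whose KU bits do not allow the key to sign. The CA, the hostname example.test and the function names mint, issue and VerifyServerCert are this example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// mint signs tmpl with signer (parent == tmpl for a self-signed CA) and parses the result.
func mint(tmpl, parent *x509.Certificate, pub any, signer *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// issue builds a throwaway CA and a leaf for the constructed name example.test with
// whatever KU and EKU the caller asks for, so a cert issued for another purpose can
// be put next to a proper server cert.
func issue(ku x509.KeyUsage, eku []x509.ExtKeyUsage) (ca, leaf *x509.Certificate, err error) {
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	leafKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	now := time.Now()
	caTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Constructed Test CA"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	if ca, err = mint(caTmpl, caTmpl, &caKey.PublicKey, caKey); err != nil {
		return nil, nil, err
	}
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		DNSNames:     []string{"example.test"},
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(24 * time.Hour),
		KeyUsage:     ku,
		ExtKeyUsage:  eku,
	}
	if leaf, err = mint(leafTmpl, ca, &leafKey.PublicKey, caKey); err != nil {
		return nil, nil, err
	}
	return ca, leaf, nil
}

// VerifyServerCert is the check a TLS client owes the leaf a server presents: chain to a
// trusted root, hostname match, an EKU that permits serverAuth (x509.Verify enforces that
// along the whole chain once KeyUsages is set), and KU bits usable for a TLS handshake.
func VerifyServerCert(leaf *x509.Certificate, roots *x509.CertPool, host string) error {
	opts := x509.VerifyOptions{
		Roots:     roots,
		DNSName:   host,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	if _, err := leaf.Verify(opts); err != nil {
		return err
	}
	// x509.Verify ignores the Key Usage extension, so check it by hand: a present KU must
	// include digitalSignature (ECDSA, EdDSA, RSA-PSS) or keyEncipherment (RSA key transport).
	if leaf.KeyUsage != 0 && leaf.KeyUsage&(x509.KeyUsageDigitalSignature|x509.KeyUsageKeyEncipherment) == 0 {
		return errors.New("x509: leaf Key Usage does not permit TLS server authentication")
	}
	return nil
}

func main() {
	for _, c := range []struct {
		name string
		ku   x509.KeyUsage
		eku  []x509.ExtKeyUsage
	}{
		{"proper server cert", x509.KeyUsageDigitalSignature, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}},
		{"clientAuth-only EKU", x509.KeyUsageDigitalSignature, []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}},
		{"KU lacks digitalSignature", x509.KeyUsageKeyAgreement, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}},
	} {
		ca, leaf, err := issue(c.ku, c.eku)
		if err != nil {
			panic(err)
		}
		roots := x509.NewCertPool()
		roots.AddCert(ca)
		fmt.Printf("%-26s -> %v\n", c.name, VerifyServerCert(leaf, roots, "example.test"))
	}
}
```

The first case prints a nil error and the other two print the rejecting error. One caveat worth knowing when writing this check against a real library: Go's x509.Verify treats a leaf with no EKU extension at all as unrestricted, so a policy that wants to require serverAuth must reject an absent EKU explicitly.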
Positive Technologies, added 2026/04/29 12:00 a.m., 0 views

PT-2026-35897

Name of the vulnerable software and affected versions: curl (affected versions not specified). Description: When using the Certificate Status Request TLS extension, commonly known as OCSP stapling, to verify server certificate validity, the software fails to detect OCSP problems and incorrectly treats...

AI score 5.2 | EPSS 0.00013
Exploits: 1 | References: 9
OSV, added 2026/04/27 6:33 p.m., 0 views

JLSEC-2026-272

Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...

CVSS 8.1 | AI score 6.2 | EPSS 0.00044
Exploits: 0 | References: 6
OSV, added 2026/04/10 7:20 p.m., 0 views

GHSA-C3H3-89QF-JQM5 LXD: Update of type field in restricted TLS certificate allows privilege escalation to cluster admin

Summary: A restricted TLS certificate user can escalate to cluster admin by changing their certificate type from client to server via PUT/PATCH to /1.0/certificates/fingerprint. The non-admin guard and reset block in doCertificateUpdate fail to validate or reset the Type field, allowing a...

CVSS 9.1 | AI score 5.9 | EPSS 0.00164
Exploits: 1 | References: 4
OSV, added 2026/04/07 10:16 p.m., 0 views

DEBIAN-CVE-2026-28387

Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...

CVSS 8.1 | AI score 6.2 | EPSS 0.00044
Exploits: 0 | References: 1
Vulnrichment, added 2026/03/09 3:38 a.m., 0 views

CVE-2026-3822 Taipower|Taipower APP(Android) - Improper Certificate Validation

Taipower APP for Android, developed by Taipower, has an Improper Certificate Validation vulnerability. When establishing an HTTPS connection with the server, the application fails to verify the server-side TLS/SSL certificate. This flaw allows unauthenticated remote attackers to exploit the...

CVSS 8.3 | AI score 5.9 | EPSS 0.00009
Exploits: 0 | References: 2
CVE, added 2026/03/09 3:38 a.m., 5 views

CVE-2026-3822

Summary: Taipower APP is vulnerable to improper certificate validation in TLS/SSL. During HTTPS connections, the app does not verify the server's certificate, enabling an unauthenticated attacker to perform a man-in-the-middle (MITM) attack to read and tamper with network traffic. Affected pro...

CVSS 8.3 | AI score 5.9 | EPSS 0.00009
Exploits: 0 | References: 2 | Affected software: 1
EUVD, added 2026/03/04 3:30 p.m., 1 view

EUVD-2025-208269

The server certificate was not verified when an Arc agent connected to a Guardian or CMC. A malicious actor could perform a man-in-the-middle attack and intercept the communication between the Arc agent and the Guardian or CMC. This could result in theft of the client token and sensitive...

CVSS 6.5 | AI score 5.9 | EPSS 0.00032
Exploits: 0 | References: 2
OSV, added 2026/03/04 2:16 p.m., 0 views

CVE-2025-40896

The server certificate was not verified when an Arc agent connected to a Guardian or CMC. A malicious actor could perform a man-in-the-middle attack and intercept the communication between the Arc agent and the Guardian or CMC. This could result in theft of the client token and sensitive...

CVSS 4.8 | AI score 5.8 | EPSS 0.00032
Exploits: 0 | References: 1
NVD, added 2026/03/04 2:16 p.m., 1 view

CVE-2025-40896

The server certificate was not verified when an Arc agent connected to a Guardian or CMC. A malicious actor could perform a man-in-the-middle attack and intercept the communication between the Arc agent and the Guardian or CMC. This could result in theft of the client token and sensitive...

CVSS 6.5 | EPSS 0.00032
Exploits: 0 | References: 1
Cvelist, added 2026/02/26 5:33 p.m., 21 views

CVE-2026-23750 Golioth Pouch (prior to commit 1b2219a1) BLE GATT Heap-based Buffer Overflow

Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a heap buffer of size CONFIG_POUCH_SERVER_CERT_MAX_LEN when receiving the first fragment, then appends subsequent fragments using memcpy witho...

CVSS 8.1 | EPSS 0.00017
Exploits: 0 | References: 4
CVE, added 2026/02/26 5:33 p.m., 6 views

CVE-2026-23750

Golioth Pouch 0.1.0 (prior to the fixed version) is affected by a heap-based buffer overflow in the BLE GATT server certificate handling. In server_cert_write(), a heap buffer of CONFIG_POUCH_SERVER_CERT_MAX_LEN is allocated for the first fragment, and subsequent fragments are appended via memcpy...

CVSS 8.1 | AI score 5.7 | EPSS 0.00017
Exploits: 0 | References: 4
Vulnrichment, added 2026/02/26 5:33 p.m., 4 views

CVE-2026-23750 Golioth Pouch (prior to commit 1b2219a1) BLE GATT Heap-based Buffer Overflow

Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a heap buffer of size CONFIG_POUCH_SERVER_CERT_MAX_LEN when receiving the first fragment, then appends subsequent fragments using memcpy witho...

CVSS 8.1 | AI score 6 | EPSS 0.00017
Exploits: 0 | References: 4
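The three CVE-2026-23750 entries above describe the same shape of bug: a buffer sized once on the first fragment, then later fragments copied at a running offset with no check against the room left. The Go code below is an added example for this page, not Golioth's code: CertAssembler is a fragment reassembler with the missing check in place, and uncheckedAssemble mirrors the vulnerable shape so the same constructed fragment stream can be run through both. The names CertAssembler, Write, uncheckedAssemble and the 40-byte cap are this example's own; maxLen plays the role of a compile-time cap like CONFIG_POUCH_SERVER_CERT_MAX_LEN.

```go
package main

import (
	"errors"
	"fmt"
)

// Errors a hardened handler returns instead of writing past its buffer.
var (
	ErrTooLarge = errors.New("certificate would exceed the configured maximum length")
	ErrNoStart  = errors.New("continuation fragment received before a first fragment")
)

// CertAssembler collects a server certificate that arrives over BLE GATT as a
// sequence of write fragments. maxLen stands in for a compile-time cap such as
// CONFIG_POUCH_SERVER_CERT_MAX_LEN; the type and method names are this example's own.
type CertAssembler struct {
	maxLen int
	buf    []byte // allocated on the first fragment with capacity maxLen, nil otherwise
}

func NewCertAssembler(maxLen int) *CertAssembler { return &CertAssembler{maxLen: maxLen} }

// Write handles one GATT write. A first fragment (re)allocates the buffer; every
// fragment is checked against the room left before it is appended, which is the
// check whose absence lets a later fragment run past the buffer sized for the first.
func (a *CertAssembler) Write(frag []byte, first bool) error {
	if first {
		a.buf = make([]byte, 0, a.maxLen)
	} else if a.buf == nil {
		return ErrNoStart
	}
	if len(a.buf)+len(frag) > a.maxLen {
		a.buf = nil // drop the partial certificate; the peer has to start over
		return ErrTooLarge
	}
	a.buf = append(a.buf, frag...)
	return nil
}

// Bytes returns the certificate assembled so far (nil after an error or before any write).
func (a *CertAssembler) Bytes() []byte { return a.buf }

// uncheckedAssemble mirrors the vulnerable shape: a buffer sized once and every
// later fragment copied at the running offset with no room check. In C that copy
// overruns the heap allocation; Go's bounds check turns the same bug into a panic,
// which this helper recovers and reports as overflowed == true.
func uncheckedAssemble(maxLen int, frags [][]byte) (out []byte, overflowed bool) {
	defer func() {
		if recover() != nil {
			overflowed = true
		}
	}()
	buf := make([]byte, maxLen)
	off := 0
	for _, f := range frags {
		copy(buf[off:off+len(f)], f) // panics once off+len(f) exceeds maxLen
		off += len(f)
	}
	return buf[:off], false
}

func main() {
	// Constructed fragment stream: a 40-byte cap fed three 16-byte fragments (48 bytes).
	frags := [][]byte{[]byte("-----BEGIN CERT-"), []byte("xxxxxxxxxxxxxxxx"), []byte("-----END CERT---")}
	a := NewCertAssembler(40)
	for i, f := range frags {
		if err := a.Write(f, i == 0); err != nil {
			fmt.Printf("checked assembler: fragment %d rejected: %v\n", i, err)
		}
	}
	_, overflowed := uncheckedAssemble(40, frags)
	fmt.Println("unchecked variant overflowed:", overflowed)
}
```

Dropping the partial buffer on ErrTooLarge matters as much as the check itself: if the handler kept the partial data and a stale offset, a peer could keep sending fragments until some other path trusted the length.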
NVD, added 2026/02/12 11:15 a.m., 5 views

CVE-2025-15573

The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted on Alibaba Cloud (mqtt001.solaxcloud.com, TCP 8883). This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to...

CVSS 9.4 | EPSS 0.00012
Exploits: 0 | References: 1
CVE, added 2026/02/12 10:39 a.m., 9 views

CVE-2025-15573

The CVE-2025-15573 entry describes a lack of server certificate validation when devices connect to the SolaX Cloud MQTTS server (mqtt001.solaxcloud.com:8883) hosted on Alibaba Cloud. This enables a man-in-the-middle attacker to impersonate the legitimate MQTT server and dispatch arbitrary command...

CVSS 9.4 | AI score 5.8 | EPSS 0.00012
Exploits: 0 | References: 1
CNNVD, added 2026/02/12 12:00 a.m., 1 view

SolaX Power Pocket security vulnerability

SolaX Power Pocket is a monitoring data collection tool developed by SolaX Energy in China. There is a security vulnerability in SolaX Power Pocket that stems from the lack of server certificate verification when connecting to the SolaX Cloud MQTTS server. This vulnerability could allow a...

CVSS 9.4 | AI score 5.9 | EPSS 0.00012
Exploits: 0 | References: 2
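The Taipower APP, Arc agent and SolaX Power Pocket entries above all come down to a client that completes a TLS handshake without verifying the certificate the server presents, so whoever is on the path can answer as the server. The Go program below is an added example for this page, not code from any of those vendors: it mints a genuine and an impostor certificate for the constructed name broker.example.test, runs both ends of a TLS handshake in memory with the standard library, and compares the client's verdict under InsecureSkipVerify (the bug), under ordinary verification with no trusted root, and with the genuine certificate pinned as the only trust anchor. The names selfSigned, handshake, Verdicts and Run are this example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// selfSigned mints a self-signed certificate for host. One instance plays the
// vendor's genuine endpoint certificate, another the one an on-path attacker
// presents; on the wire they look alike until the client actually verifies.
func selfSigned(host string) (tls.Certificate, *x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 64))
	tmpl := &x509.Certificate{
		SerialNumber:          serial,
		Subject:               pkix.Name{CommonName: host},
		DNSNames:              []string{host},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true, // lets the genuine cert also serve as a pinned trust anchor
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	parsed, err := x509.ParseCertificate(der)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, parsed, nil
}

// handshake runs both ends of a TLS 1.2 handshake over an in-memory pipe, the server
// presenting serverCert, and returns the client's verdict. net.Pipe is synchronous, so
// both ends get a deadline: when the client rejects the certificate mid-flight the two
// sides could otherwise block on each other's writes. TLS 1.2 is pinned because its
// flights alternate cleanly, which a synchronous pipe needs.
func handshake(client *tls.Config, serverCert tls.Certificate) error {
	c, s := net.Pipe()
	deadline := time.Now().Add(2 * time.Second)
	c.SetDeadline(deadline)
	s.SetDeadline(deadline)
	done := make(chan struct{})
	go func() {
		defer close(done)
		defer s.Close()
		tls.Server(s, &tls.Config{Certificates: []tls.Certificate{serverCert}}).Handshake()
	}()
	client.MaxVersion = tls.VersionTLS12
	err := tls.Client(c, client).Handshake()
	c.Close()
	<-done
	return err
}

// Verdicts records whether the client accepted the connection under each policy.
type Verdicts struct {
	SkipVerify     bool // InsecureSkipVerify: the behaviour the advisories describe
	EmptyStore     bool // normal verification, but no root trusts the impostor
	PinnedImpostor bool // trust only the genuine certificate; impostor presented
	PinnedGenuine  bool // trust only the genuine certificate; genuine presented
}

// Run mints a genuine and an impostor certificate for host and tries each policy.
func Run(host string) (Verdicts, error) {
	genuine, genuineX, err := selfSigned(host)
	if err != nil {
		return Verdicts{}, err
	}
	impostor, _, err := selfSigned(host)
	if err != nil {
		return Verdicts{}, err
	}
	pinned := x509.NewCertPool()
	pinned.AddCert(genuineX)
	return Verdicts{
		SkipVerify:     handshake(&tls.Config{ServerName: host, InsecureSkipVerify: true}, impostor) == nil,
		EmptyStore:     handshake(&tls.Config{ServerName: host, RootCAs: x509.NewCertPool()}, impostor) == nil,
		PinnedImpostor: handshake(&tls.Config{ServerName: host, RootCAs: pinned}, impostor) == nil,
		PinnedGenuine:  handshake(&tls.Config{ServerName: host, RootCAs: pinned}, genuine) == nil,
	}, nil
}

func main() {
	v, err := Run("broker.example.test")
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", v)
}
```

Only the SkipVerify and PinnedGenuine handshakes succeed. For a device that talks to a single fixed endpoint, as the SolaX and Arc cases do, the pinned configuration is the natural fix: the trust store holds the vendor's certificate or issuing CA and nothing else, and ServerName is always set so the hostname is checked too.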