19 matches found
CVE-2026-35525
LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for {% include %}, {% render %}, and {% layout %}, LiquidJS checks whether the candidate path is inside the configured partials or layouts roots before reading it. That check is path-based, not...
BIT-GOLANG-2026-32281 Inefficient policy validation in crypto/x509
Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
PT-2026-32425
When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
CVE-2026-35525
LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for {% include %}, {% render %}, and {% layout %}, LiquidJS checks whether the candidate path is inside the configured partials or layouts roots before reading it. That check is path-based, not...
DEBIAN-CVE-2026-33810
When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
UBUNTU-CVE-2026-32281
Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
CVE-2026-32281
Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
EUVD-2026-20010
Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
Linux Distros Unpatched Vulnerability : CVE-2026-32281
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings,...
PT-2026-31027
Name of the Vulnerable Software and Affected Versions: Botan versions prior to 3.11.1. Description: The Botan cryptography library contains a flaw in the Certificate_Store::certificate_known function. This function incorrectly identifies certificates, returning true if any certificate in the store h...
Golang 1.26.x < 1.26.1 Multiple Vulnerabilities
The version of Golang running on the remote host is prior to 1.26.1. It is, therefore, affected by multiple vulnerabilities as referenced in the advisory. - When verifying a certificate chain which contains a certificate containing multiple email address constraints composed of the full email...
EUVD-2025-25349
Malicious code in bioql PyPI...
CVE-2025-6182 Root Certificate Injection
The StrongDM Windows service incorrectly handled communication related to system certificate management. Attackers could exploit this behavior to install untrusted root certificates or remove trusted ones...
CLSA-2024-1708029694 Update of nss
Update to CKBI 2.64 from NSS 3.95 - Removed: - Certificate "E-Tugra Certification Authority" - Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification Authority - G6" - Certificate "Symantec...
CLSA-2024-1705941381 Update of ca-certificates
Update to CKBI 2.64 from NSS 3.95 - Updated: - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - Removed: - Certificate "E-Tugra Certification Authority" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification Authority - G6" -...
CLSA-2024-1705941268 Update of ca-certificates
update to CKBI 2.64 from NSS 3.95 - updated: - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed old certificates: - Certificate "E-Tugra Certification Authority" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification...
python: NULL pointer dereference using a specially crafted X509 certificate
A null pointer dereference vulnerability was found in the certificate parsing code in Python. This causes a denial of service to applications when parsing specially crafted certificates. This vulnerability is unlikely to be triggered if the application enables SSL/TLS certificate validation and accep...
python: NULL pointer dereference using a specially crafted X509 certificate
A null pointer dereference vulnerability was found in the certificate parsing code in Python. This causes a denial of service to applications when parsing specially crafted certificates. This vulnerability is unlikely to be triggered if the application enables SSL/TLS certificate validation and accep...
PT-2012-4669 · Cyberoam · Cyberoam Utm
Name of the Vulnerable Software and Affected Versions: Cyberoam UTM appliances (affected versions not specified). Description: The default configuration of Cyberoam UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations. This...