GHSA-JHPV-4Q4F-43G5 Akka.Remote TLS did not properly implement certificate-based authentication

Impact This is a critical network security vulnerability for Akka.Remote users who have SSL / TLS enabled on their Akka.Remote connections and were expecting certificate-based authentication to be enforced on all peers attempting to join the network. In all versions of Akka.Remote from v1.2.0 to...

CVE-2025-61778

Akka.NET is a .NET port of the Akka project from the Scala / Java community. In all versions of Akka.Remote from v1.2.0 to v1.5.51, TLS could be enabled via our akka.remote.dot-netty.tcp transport and this would correctly enforce private key validation on the server-side of inbound connections...

Akka.Remote TLS did not properly implement certificate-based authentication

This is a critical network security vulnerability for Akka.Remote users who have SSL / TLS enabled on their Akka.Remote connections and were expecting certificate-based authentication to be enforced on all peers attempting to join the network. In all versions of Akka.Remote from v1.2.0 to v1.5.51...

CVE-2025-61778

Akka.NET is a .NET port of the Akka project from the Scala / Java community. In all versions of Akka.Remote from v1.2.0 to v1.5.51, TLS could be enabled via our akka.remote.dot-netty.tcp transport and this would correctly enforce private key validation on the server-side of inbound connections...

CVE-2025-61778 Akka.Remote TLS did not properly implement certificate-based authentication

Akka.NET is a .NET port of the Akka project from the Scala / Java community. In all versions of Akka.Remote from v1.2.0 to v1.5.51, TLS could be enabled via our akka.remote.dot-netty.tcp transport and this would correctly enforce private key validation on the server-side of inbound connections...

CVE-2025-61778

CVE-2025-61778 affects Akka.Remote in Akka.NET (versions 1.2.0–1.5.51). The TLS implementation on the akka.remote.dot-netty.tcp transport correctly validates private keys on the server side for inbound connections, but outbound clients were never required to present a certificate, allowing untrus...

PT-2025-40934

Name of the Vulnerable Software and Affected Versions Akka.NET versions 1.2.0 through 1.5.51 Description Akka.NET, a .NET port of the Akka project, has an issue where the Akka.Remote component did not implement mutual TLS mTLS in versions 1.2.0 through 1.5.51. When TLS was enabled via the...

WordPress Spider Event Calendar SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports in PHP and MySQL server to set up a personal blog site . Spider Event Calendar is one of the highly configurable calendar plugin . A SQL injection vulnerability exist...