2 matches found
DEBIAN-CVE-2026-27586
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, two swallowed errors in ClientAuthentication.provision cause mTLS client certificate authentication to silently fail open when a CA certificate file is missing, unreadable, or malformed. The server starts...
CVE-2026-27586
creationtimestamp| type| source ---|---|--- 2026-02-23 04:24:19+00:00| published-proof-of-concept| https://github.com/caddyserver/caddy/security/advisories/GHSA-hffm-g8v7-wrv7 2026-02-24 21:12:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfn3g52qfd2e 2026-02-25 01:08:03+00:00|...