3 matches found
CVE-2026-40542 vulnerabilities
Vulnerabilities for packages: dependency-track, apache-nifi, trino, opensearch...
CVE-2026-40542
creationtimestamp| type| source ---|---|--- 2026-04-22 08:24:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk333xsffz2e 2026-04-22 15:24:25+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mk3skbh6ht2h 2026-04-22 17:24:29+00:00| seen|...
CVE-2026-40542 Apache HttpClient: SCRAM-SHA-256 mutual authentication bypass may cause the client to accept authentication without proper mutual authentication verification
Missing critical step in authentication in Apache HttpClient 5.6 allows an attacker to cause the client to accept SCRAM-SHA-256 authentication without proper mutual authentication verification. Users are recommended to upgrade to version 5.6.1, which fixes this issue...