CWE-295

Improper Certificate Validation

Abstraction: Base · Status: Draft

Description

The product does not validate, or incorrectly validates, a certificate.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-459 · CAPEC-475

CVEs mapped to this weakness (720)

page 5 of 36
  • CVE-2018-10403 · High · Jun 13, 2018
    risk 0.51 · cvss 7.8 · epss 0.01

    An issue was discovered in F-Secure XFENCE and Little Flocker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is…

  • CVE-2026-47074 · High · May 28, 2026
    risk 0.50 · cvss n/a · epss 0.00

    Improper Certificate Validation vulnerability in ex-aws ex_aws_sns (ExAws.SNS, ExAws.SNS.PublicKeyCache modules) allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/ex_aws/sns.ex, lib/ex_aws/sns/public_key_cache.ex and…

  • CVE-2026-44700 · High · May 14, 2026
    risk 0.50 · cvss n/a · epss 0.00

    Elixir WebRTC is an Elixir implementation of the W3C WebRTC API. Prior to 0.15.1 and 0.16.1, missing DTLS peer certificate fingerprint validation in the DTLS client (active) role removes one side of WebRTC's mutual authentication. The bug is not independently exploitable for…

  • CVE-2025-66001 · High · Jan 8, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    NeuVector supports login authentication through OpenID Connect. However, the TLS verification (which verifies the remote server's authenticity and integrity) for OpenID Connect is not enforced by default. As a result this may expose the system to man-in-the-middle (MITM) attacks.

  • CVE-2025-9785 · High · Sep 3, 2025
    risk 0.50 · cvss n/a · epss 0.00

    PaperCut Print Deploy is an optional component that integrates with PaperCut NG/MF which simplifies printer deployment and management. When the component is deployed to an environment, the customer has an option to configure the system to use a self-signed certificate. If the…

  • CVE-2024-48915 · High · Oct 15, 2024
    risk 0.50 · cvss n/a · epss 0.00

    Agent Dart is an agent library built for Internet Computer for Dart and Flutter apps. Prior to version 1.0.0-dev.29, certificate verification in `lib/agent/certificate.dart` does not occur properly. During the delegation verification in the `_checkDelegation` function, the…

  • CVE-2025-71261 · High · Jun 16, 2026
    risk 0.49 · cvss 8.6 · epss 0.00

    An attacker with network-level access between the SUSE Virtualization and Rancher Manager in SUSE Harvester before 1.8.0 could interfere with the TLS handshake and abuse it to bypass TLS as a security control.

  • CVE-2026-45170 · High · Jun 12, 2026
    risk 0.49 · cvss n/a · epss 0.00

    In Idira Privilege Cloud Connector versions prior to 1.1.100504, under specific conditions and configuration scenarios, TLS certificate validation may not be fully enforced. CyberArk Security Bulletin: CA26-17

  • CVE-2026-34580 · High · Apr 7, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    Botan is a C++ cryptography library. In 3.11.0, the function Certificate_Store::certificate_known had a misleading name; it would return true if any certificate in the store had a DN (and subject key identifier, if set) matching that of the argument. It did not check that the…

  • CVE-2025-65753 · High · Feb 17, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    An issue in the TLS certification mechanism of Guardian Gryphon v01.06.0006.22 allows attackers to execute commands as root.

  • CVE-2025-70029 · High · Feb 11, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTP request options.

  • CVE-2025-10495 · High · Nov 12, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, under certain conditions, could allow an attacker on the same logical network to execute arbitrary code.

  • CVE-2025-40744 · High · Nov 11, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 11). Affected applications do not properly validate client certificates to connect to License Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle…

  • CVE-2025-54470 · High · Oct 30, 2025
    risk 0.49 · cvss 8.6 · epss 0.00

    This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server. In affected versions, NeuVector does not enforce TLS certificate…

  • CVE-2025-0501 · High · Jan 15, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    An issue in the native clients for Amazon WorkSpaces (when running PCoIP protocol) may allow an attacker to access remote sessions via man-in-the-middle.

  • CVE-2025-0500 · High · Jan 15, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    An issue in the native clients for Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle.

  • CVE-2024-41996 · High · Aug 26, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause…

  • CVE-2021-22926 · High · Aug 5, 2021
    risk 0.49 · cvss 7.5 · epss 0.10

    libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool). When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask…

  • CVE-2016-7075 · High · Sep 10, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.

  • CVE-2016-6562 · High · Jul 13, 2018
    risk 0.49 · cvss 7.5 · epss 0.00

    On iOS and Android devices, the ShoreTel Mobility Client app version 9.1.3.109 fails to properly validate SSL certificates provided by HTTPS connections, which means that an attacker in the position to perform MITM attacks may be able to obtain sensitive account information such…