VYPR

Org.wso2.carbon.identity.auth.service

by Wso2

CVEs (1)

  • CVE-2025-9312Nov 18, 2025
    risk 0.00cvss epss 0.00

    A missing authentication enforcement vulnerability exists in the mutual TLS (mTLS) implementation used by System REST APIs and SOAP services in multiple WSO2 products. Due to improper validation of client certificate–based authentication in certain default configurations, the…