Fallos del tipo CWE-295
695 resultadosCVE-2026-35207MEDIUMdeepinid plugin in dde-control-center is configured to skip TLS certificate verification when downloading avatar from remote serverEPSS 0.1%CVE-2026-44312MEDIUMcss_parser allows to MITM included https css urlsEPSS 0.1%CVE-2026-11310HIGHX.509 trust-chain bypass in wolfSSL_X509_verify_cert() via untrusted intermediate anchoringEPSS 0.1%CVE-2026-11999HIGHX.509 trust-chain bypass via path-depth exhaustion in wolfSSL_X509_verify_cert()EPSS 0.1%CVE-2026-55960HIGHUn-negotiated Raw Public Key (RFC 7250) accepted in place of X.509, bypassing chain validationEPSS 0.1%CVE-2025-37730MEDIUMLogstash Improper Certificate Validation in TCP outputEPSS 0.1%CVE-2026-4396HIGHImproper certificate validation in Devolutions Hub Reporting Service
2025.3.1.1 and earlier allows a network attacker to perform a
man-in-EPSS 0.1%CVE-2026-4434HIGHImproper certificate validation in the PAM propagation WinRM connections
allows a network attacker to perform a man-in-the-middle attack viEPSS 0.1%CVE-2026-24935MEDIUMAn improper certificate validation vulnerability was found in a third-party NAT traversal module.EPSS 0.1%CVE-2026-33248MEDIUMNATS has mTLS verify_and_map authentication bypass via incorrect Subject DN matchingEPSS 0.1%CVE-2020-12614HIGHAn issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the publisher criteria is selected, it defines the nEPSS 0.1%CVE-2025-53869MEDIUMMultiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacEPSS 0.1%CVE-2022-32748HIGHA CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software to give wrong data to end users when usingEPSS 0.1%CVE-2025-12943MEDIUMImproper certificate validation in firmware update logic in NETGEAR RAX30 and RAXE300EPSS 0.1%CVE-2026-41119MEDIUMDell Live Optics Windows and Personal Edition collectors contain an improper certificate validation vulnerability. A remote unauthenticated EPSS 0.1%CVE-2026-45574HIGHepa4all-client: TLS Certificate Validation Disabled in ProductionEPSS 0.1%CVE-2025-40745MEDIUMA vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2), Simcenter 3D (All versions < V2506.6000), SimcenteEPSS 0.1%CVE-2025-8476HIGHAlpine iLX-507 TIDAL Improper Certificate Validation VulnerabilityEPSS 0.1%CVE-2026-40970MEDIUMWhen configured to use an SSL bundle, Spring Boot's Elasticsearch auto-configuration does not perform hostname verification when connecting EPSS 0.1%CVE-2025-71063HIGHErrands before 46.2.10 does not verify TLS certificates for CalDAV servers.EPSS 0.1%