Falhas do tipo CWE-295
687 resultadosCVE-2025-48393MEDIUMThe server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacEPSS 0.2%CVE-2025-42611MEDIUMImproper certificate validation in multiple RouterOS servicesEPSS 0.2%CVE-2025-62375MEDIUMgo-witness Improper Verification of AWS EC2 Identity DocumentsEPSS 0.2%CVE-2024-38861MEDIUMLack of TLS validation in plugin MikroTik on Checkmk ExchangeEPSS 0.2%CVE-2026-33896HIGHForge has a basicConstraints bypass in its certificate chain verification (RFC 5280 violation)EPSS 0.2%CVE-2025-40800CRITICALA vulnerability has been identified in COMOS V10.6 (All versions < V10.6.1), COMOS V10.6 (All versions < V10.6.1), NX V2412 (All versions < EPSS 0.2%CVE-2025-23091MEDIUMAn Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-EPSS 0.2%CVE-2026-49267MEDIUMApache Airflow: No certificate validation on SMTP STARTTLS connectionsEPSS 0.2%CVE-2025-68482MEDIUMA improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyEPSS 0.2%CVE-2026-27133MEDIUMStrimzi All CAs from CA chain will be trusted in Kafka Connect and Kafka MirrorMaker 2 target clustersEPSS 0.2%CVE-2026-5501HIGHImproper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf CertificatesEPSS 0.2%CVE-2025-70043CRITICALAn issue pertaining to CWE-295: Improper Certificate Validation was discovered in Ayms node-To master. The application disables TLS/SSL certEPSS 0.2%CVE-2026-0872LOWImproper Certificate Validation vulnerability in Thales SafeNet Agent for Windows LogonEPSS 0.2%CVE-2025-15557HIGHImproper Certificate Validation in TP-Link Tapo H100 and P100 Allows Man-in-the-Middle AttackEPSS 0.2%CVE-2026-40974MEDIUMSpring Boot's Cassandra auto-configuration does not perform hostname verification when establishing an SSL connection to Cassandra.
AffecteEPSS 0.2%CVE-2026-4587MEDIUMHybridAuth SSL Curl.php certificate validationEPSS 0.2%CVE-2025-12765HIGHpgAdmin 4: LDAP authentication flow vulnerable to TLS certificate verification bypass.EPSS 0.2%CVE-2021-26320—Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacEPSS 0.2%CVE-2026-33542MEDIUMIncus does not verify combined fingerprint when downloading images from simplestreams serversEPSS 0.2%CVE-2026-6450LOWCRL critical extension bypass in ParseCRL_ExtensionsEPSS 0.2%