Falhas do tipo CWE-295
687 resultadosCVE-2026-0233LOWAutonomous Digital Experience Manager: Improper validation of ADEM certificateEPSS 0.2%CVE-2025-14022HIGHLINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financialEPSS 0.2%CVE-2022-23649LOWImproper Certificate Validation in CosignEPSS 0.2%CVE-2025-46551MEDIUMJRuby-OpenSSL has hostname verification disabled by defaultEPSS 0.2%CVE-2026-40944MEDIUMOxia: TLS CA certificate chain validation fails with multi-certificate PEM bundlesEPSS 0.2%CVE-2026-41872CRITICAL"Kura Sushi Official App" provided by EPG, Inc. is vulnerable to improper certificate validation. A man-in-the-middle attack may allow eavesEPSS 0.2%CVE-2025-23118MEDIUMAn Improper Certificate Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent EPSS 0.2%CVE-2017-8445—An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If reloading the trust material fails the trust manEPSS 0.2%CVE-2025-35983MEDIUMImproper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a liEPSS 0.2%CVE-2025-59347LOWDragonfly Manager makes requests to external endpoints with disabled TLS authenticationEPSS 0.2%CVE-2023-48785MEDIUMAn improper certificate validation vulnerability [CWE-295] in FortiNAC-F version 7.2.4 and below may allow a remote and unauthenticated attaEPSS 0.2%CVE-2024-45641MEDIUMIBM Security ReaQta improper certificate validationEPSS 0.2%CVE-2026-32884MEDIUMBotan: Case-Insensitive CN Values Bypass DNS excludedSubtrees Name Constraints (RFC 5280 Violation)EPSS 0.2%CVE-2025-65291HIGHAqara Hub devices including Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, Camera Hub G3 4.1.9_0027 fail to validate server certificates in TLS conneEPSS 0.2%CVE-2026-40971MEDIUMWhen configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to thEPSS 0.2%CVE-2026-54100HIGHWindows-machine-config-operator: windows-machine-config-operator: ssh host key not verified enables credential theftEPSS 0.2%CVE-2024-47241MEDIUMDell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper Certificate Validation vulnerability. A low priEPSS 0.2%CVE-2025-13052HIGHAn improper certificates validation vulnerability was found in the Notification settings of ADMEPSS 0.2%CVE-2025-65290HIGHAqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 fail to validate server certificates during HEPSS 0.2%CVE-2026-24934MEDIUMAn improper certificate validation vulnerability was found in ADM while querying an external server for the device's WAN IP address.EPSS 0.2%