Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-295 (证书验证不恰当) — Vulnerability Class 462

462 vulnerabilities classified as CWE-295 (证书验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-4396 Devolutions Hub Reporting Service 安全漏洞 — Hub Reporting Service 7.4 -2026-03-18
CVE-2026-32293 GL-iNet Comet (GL-RM1) KVM insufficient certificate validation — Comet KVM 3.7 Low2026-03-17
CVE-2026-32627 cpp-httplib has a Silent TLS Certificate Verification Bypass on HTTPS Redirect via Proxy — cpp-httplib 8.7 High2026-03-13
CVE-2026-31798 JumpServer Improper Certificate Validation in Custom SMS API Client — jumpserver 5.0 Medium2026-03-13
CVE-2026-2368 Lenovo Filez 安全漏洞 — FileZ 7.1 High2026-03-11
CVE-2026-1068 Lenovo Filez 安全漏洞 — FileZ 5.3 Medium2026-03-11
CVE-2026-24508 Dell Alienware Command Center 信任管理问题漏洞 — Alienware Command Center (AWCC) 2.5 Low2026-03-11
CVE-2024-14024 Video Station — Video Station 8.0AIHighAI2026-03-11
CVE-2026-27221 Acrobat Reader | Improper Certificate Validation (CWE-295) — Acrobat Reader 5.5 Medium2026-03-10
CVE-2025-68482 Fortinet FortiManager和Fortinet FortiAnalyzer 信任管理问题漏洞 — FortiAnalyzer 6.3 Medium2026-03-10
CVE-2026-3822 Taipower|Taipower APP(Android) - Improper Certificate Validation — Taipower APP 6.5 Medium2026-03-09
CVE-2026-30794 RustDesk HTTP Client Silently Accepts Invalid TLS Certificates After Handshake Failure — RustDesk Client 7.4 -2026-03-05
CVE-2025-40896 Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 — Arc 6.5 Medium2026-03-04
CVE-2026-2748 S/MIME Certificate Subject Whitespace — Secure Email Gateway 7.5AIHighAI2026-03-04
CVE-2026-3336 PKCS7_verify Certificate Chain Validation Bypass in AWS-LC — AWS-LC 7.5 High2026-03-02
CVE-2025-67601 Rancher CLI skips TLS verification on Rancher CLI login command — rancher 8.3 High2026-02-25
CVE-2026-3100 An improper certificate validation vulnerability was found in the FTP Backup on the ADM. — ADM 6.8 -2026-02-25
CVE-2025-67752 OpenEMR Has Disabled SSL Certificate Verification in HTTP Client — openemr 8.1 High2026-02-25
CVE-2026-27133 Strimzi All CAs from CA chain will be trusted in Kafka Connect and Kafka MirrorMaker 2 target clusters — strimzi-kafka-operator 5.9 Medium2026-02-20
CVE-2026-24122 Cosign Certificate Chain Expiry Validation Issue Allows Issuing Certificate Expiry to Be Overlooked — cosign 3.7 Low2026-02-19
CVE-2026-0872 Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon — SafeNet Agent for Windows Logon 7.5AIHighAI2026-02-13
CVE-2025-9293 Insufficient Certificate Validation in Multiple Mobile Applications Allows Man in the Middle Interception — Tapo App 6.8AIMediumAI2026-02-13
CVE-2025-15573 Missing Certificate Validation for Solax Power Pocket WiFi models MQTT Cloud Connection — Pocket WiFi 3.0 8.1AIHighAI2026-02-12
CVE-2026-0228 PAN-OS: Improper Validation of Terminal Server Agent Certificate — Cloud NGFW 7.5AIHighAI2026-02-11
CVE-2026-21228 Azure Local Remote Code Execution Vulnerability — Azure Local 8.1 High2026-02-10
CVE-2026-25961 SumatraPDF Update MITM -> Arbitrary Code Execution — sumatrapdf 7.5 High2026-02-09
CVE-2026-22613 Eaton Network M3 安全漏洞 — Network M3 5.7 Medium2026-02-09
CVE-2026-25644 DataHub's LDAP Ingestion Source vulnerable to MITM attack through TLS downgrade — datahub 7.5 High2026-02-06
CVE-2025-15323 Tanium addressed an improper certificate validation vulnerability in Tanium Appliance. — Tanium Appliance 3.7 Low2026-02-05
CVE-2025-15557 Improper Certificate Validation in TP-Link Tapo H100 and P100 Allows Man-in-the-Middle Attack — Tapo H100 v1 7.5AIHighAI2026-02-05

Vulnerabilities classified as CWE-295 (证书验证不恰当) represent 462 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.