CVE-2026-9758— Improper Certificate Validation in S2OPC

CVSS 7.3 · High EPSS 0.12% · P2 Updated Jun 13, 2026

Possible ATT&CK Techniques 1AI

T1190 · Exploit Public-Facing Application

Affected Version Matrix 1

Vendor	Product	Version Range	Status
Systerel	S2OPC	`1.5.0< 1.7.3`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-9758

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Improper Certificate Validation in S2OPC

Source: NVD (National Vulnerability Database)

Vulnerability Description

Improper comparison with the certificates trusted list in S2OPC allows an attacker well-formed untrusted certificate to be considered trusted

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Source: NVD (National Vulnerability Database)

Vulnerability Type

证书验证不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

S2OPC OPC UA Toolkit 信任管理问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

S2OPC OPC UA Toolkit是Systerel开源的一个OPC UA通信开发工具包。 S2OPC OPC UA Toolkit存在信任管理问题漏洞，该漏洞源于与受信任证书列表比较不当，可能导致格式良好的不受信任证书被视为受信任。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Systerel	S2OPC	1.5.0 ~ 1.7.3	-

II. Public POCs for CVE-2026-9758

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-9758

请登录查看更多情报信息。

Vendor Advisories for CVE-2026-9758 (1)

🔗 Certificate Trust List Check issue: well formed untrusted certificate might be considered trusted (#1770) · Issue · systerel/S2OPC Read full article

https://nvd.nist.gov/vuln/detail/CVE-2026-9758

IV. Related Vulnerabilities

Same product: S2OPC

CVE-2026-6899
Improper Check for Certificate Revocation in S2OPC

Same vendor: Systerel

CVE-2026-6899
Improper Check for Certificate Revocation in S2OPC

Same weakness: CWE-295

V. Comments for CVE-2026-9758

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-9758— Improper Certificate Validation in S2OPC

Possible ATT&CK Techniques 1AI

Affected Version Matrix 1

I. Basic Information for CVE-2026-9758

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-9758

III. Intelligence Information for CVE-2026-9758

Vendor Advisories for CVE-2026-9758 (1)

IV. Related Vulnerabilities

V. Comments for CVE-2026-9758

Leave a comment