certificates — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in certificates, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-40097	Step CA affected by an index out of bounds panic in TPM attestation EKU validation CWE-129	3.7	Low	2026-04-10
CVE-2026-30836	Step CA: Unauthenticated Certificate Issuance via SCEP UpdateReq (MessageType=18) CWE-287	10.0	Critical	2026-03-19
CVE-2025-66406	Improper Authorization Check for SSH Certificate Revocation CWE-863	5.0	Medium	2025-12-03

All 3 known CVE vulnerabilities affecting certificates with full Chinese analysis, references, and POCs where available.