CWE-295: CWE-295
All CWE-295 CVEs (264)
This CVE describes a TLS certificate validation bypass vulnerability in MongoDB servers. On Windows and Apple systems, MongoDB may accept client certi...
Nov 25, 2025

CISA Thorium versions before 1.1.2 fail to validate TLS certificates when connecting to Elasticsearch, allowing man-in-the-middle attacks. An unauthen...
Sep 17, 2025

The Nextcloud Desktop Client vulnerability allows attackers to bypass signature validation when a manipulated server sends an empty initial signature....
Nov 15, 2024

This vulnerability allows attackers to bypass certificate validation when Firefox or Thunderbird redirects from a secure server to an insecure one usi...
Jan 7, 2025

Tanium Appliance has an improper certificate validation vulnerability that could allow man-in-the-middle attacks or spoofing of trusted servers. This ...
Feb 5, 2026

This CVE describes an insecure DDNS implementation in ASUSTOR ADM software where HTTP connections lack SSL/TLS certificate validation. Unauthenticated...
Feb 3, 2026

This vulnerability affects Brother MFP devices that fail to properly validate server certificates, allowing man-in-the-middle attackers to replace roo...
Jan 29, 2026

This vulnerability allows man-in-the-middle attacks against Hanwha Vision cameras due to missing certificate validation in the client service. Attacke...
Dec 26, 2025

KDE messagelib versions before 25.11.90 ignore SSL certificate validation errors when contacting Google's Safe Browsing Lookup API, potentially allowi...
Jan 1, 2026

GoSign Desktop versions through 2.4.1 disable TLS certificate validation when configured to use a proxy server, allowing man-in-the-middle attacks tha...
Nov 17, 2025

CVE-2026-22250 is a vulnerability in the wlc Weblate command-line client where SSL certificate verification can be bypassed for certain crafted URLs. ...
Jan 12, 2026

This vulnerability allows attackers to spoof digital signatures by exploiting improper certificate validation in Thales SafeNet Agent for Windows Logo...
Feb 13, 2026

This vulnerability allows attackers to intercept or modify TLS-encrypted communications by exploiting improper certificate validation. Applications us...
Feb 13, 2026

This vulnerability in PAN-OS allows Windows Terminal Server Agents to connect using expired certificates even when the system is configured to reject ...
Feb 11, 2026

About CWE-295 (CWE-295)
Our database tracks 264 CVEs classified as CWE-295, with 39 rated critical and 149 rated high severity. The average CVSS score for CWE-295 vulnerabilities is 7.4.