Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,395 vulnerabilities with CWE-295

CVE-2026-4740 HIGH

Rhacm: open cluster management (ocm): cross-cluster privilege escalation via improper kubernetes client certificate renewal validation

CVE-2026-32144 HIGH

OCSP designated-responder authorization bypass via missing signature verification

CVE-2026-35389 HIGH

Bulwark Webmail S/MIME signature verification accepted self-signed certificates

CVE-2026-35560 HIGH

Improper certificate validation in identity provider connection components in Amazon Athena ODBC driver

CVE-2026-29140 MEDIUM

SEPPmail Secure Email Gateway - S/MIME Signature Additional Certificate

CVE-2026-25834 MEDIUM

Mbed TLS 3.3.0-3.6.5, 4.0.0 - Algorithm Downgrade

CVE-2026-20042 MEDIUM

Cisco Nexus Dashboard Configuration REST API Unauthorized Access Vulnerability

CVE-2026-4370 CRITICAL

Improper TLS Client/Server authentication and certificate verification on Database Cluster

CVE-2026-34073 MEDIUM

cryptography has incomplete DNS name constraint enforcement on peer names

CVE-2026-32794 MEDIUM

Apache Airflow Provider for Databricks: TLS Certificate Verification Disabled in Databricks Provider K8s Token Exchange

CVE-2026-32884 MEDIUM

Botan: Case-Insensitive CN Values Bypass DNS excludedSubtrees Name Constraints (RFC 5280 Violation)

CVE-2026-33896 HIGH

node-forge <1.4.0 Certificate Chain Verification - basicConstraints Bypass

CVE-2026-33542 MEDIUM

Incus does not verify combined fingerprint when downloading images from simplestreams servers

CVE-2026-33248 MEDIUM

NATS has mTLS verify_and_map authentication bypass via incorrect Subject DN matching

CVE-2026-33308 MEDIUM

mod_gnutls missing key purpose check in client certificate verification

CVE-2026-4587 LOW

HybridAuth SSL Curl.php certificate validation

CVE-2026-4434 HIGH

Devolutions Server <2026.1 - MITM via Disabled TLS Cert Verification

CVE-2026-30836 CRITICAL

Step CA: Unauthenticated Certificate Issuance via SCEP UpdateReq (MessageType=18)

CVE-2026-4396 HIGH

Devolutions Hub Reporting Service <=2025.3.1.1 - MITM

CVE-2026-32293 LOW

GL-iNet Comet (GL-RM1) KVM insufficient certificate validation

CVE-2026-32627 HIGH

cpp-httplib <0.37.2 Proxy Redirects - TLS Verification Bypass

CVE-2026-31798 MEDIUM

JumpServer <4.10.16-lts - Info Disclosure

CVE-2026-2368 HIGH

Lenovo Filez - Remote Code Execution via Improper Certificate Validation

CVE-2026-1068 MEDIUM

Lenovo Filez - Improper Certificate Validation

CVE-2026-24508 LOW

Dell AWCC <6.12.24.0 - Info Disclosure

Previous Page 4 of 56 Next

Details

Vulnerabilities 1,395

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy