CWE-295 · Improper Certificate Validation

1423 CVEs classified under CWE-295 (Improper Certificate Validation). Browse by severity and year.

Top CVEs for CWE-295
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-4370 | Critical | 10.0 | 2026-04-01 | A vulnerability was identified in Juju from version 3.2.0 until 3.6.19 and from version 4.0 until 4.0.4, where the internal Dqlite database cluster fails to pe… |
| CVE-2026-30836 | Critical | 10.0 | 2026-03-19 | Step CA is an online certificate authority for secure, automated certificate management for DevOps. Versions 0.30.0-rc6 and below do not safeguard against unau… |
| CVE-2025-68121 | Critical | 10.0 | 2026-02-05 | During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed han… |
| CVE-2022-20703 | Critical | 10.0 | 2022-02-10 | Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbi… |
| CVE-2021-1471 | Critical | 9.9 | 2021-03-24 | Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrar… |
| CVE-2026-32253 | Critical | 9.8 | 2026-05-22 | Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because o… |
| CVE-2026-20184 | Critical | 9.8 | 2026-04-15 | A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to i… |
| CVE-2026-2590 | Critical | 9.8 | 2026-03-03 | Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and e… |
| CVE-2025-67229 | Critical | 9.8 | 2026-01-23 | An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated, on-path attacker to spoof ba… |
| CVE-2025-46070 | Critical | 9.8 | 2026-01-12 | An issue in Automai BotManager v.25.2.0 allows a remote attacker to execute arbitrary code via the BotManager.exe component |
| CVE-2025-29331 | Critical | 9.8 | 2025-06-26 | An issue in MHSanaei 3x-ui before v.2.5.3 and before allows a remote attacker to execute arbitrary code via the management script x-ui passes the no check cert… |
| CVE-2025-6433 | Critical | 9.8 | 2025-06-24 | If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would… |
| CVE-2025-32878 | Critical | 9.8 | 2025-06-20 | An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to connect the watch to a WLAN. This function is mainly for download… |
| CVE-2024-56521 | Critical | 9.8 | 2024-12-27 | An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely. |
| CVE-2024-49369 | Critical | 9.8 | 2024-11-12 | Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The… |
| CVE-2019-20461 | Critical | 9.8 | 2024-11-07 | An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP protocol to start and control video and audio services. The protocol… |
| CVE-2024-45159 | Critical | 9.8 | 2024-09-05 | An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certifi… |
| CVE-2024-42395 | Critical | 9.8 | 2024-08-06 | There is a vulnerability in the AP Certificate Management Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploit… |
| CVE-2024-20080 | Critical | 9.8 | 2024-07-01 | In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no… |
| CVE-2024-5261 | Critical | 9.8 | 2024-06-25 | Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be used for acce… |