CWE-295— Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.— MITRE CWE catalog
1,227 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-295page 21 of 25
- CVE-2025-32878CRITICALCVSS 9.8EG 9.82025-06-20
An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to connect the watch to a WLAN. This function is mainly for downloading firmware files. Before downloading firmware files, the watch requests some i…
- CVE-2025-32989MEDIUMCVSS 5.3EG 5.32025-07-10
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certi…
- CVE-2025-33031HIGHCVSS 8.8EG 8.82025-06-06
An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system. We have already fixe…
- CVE-2025-33099MEDIUMCVSS 5.9EG 5.92025-09-01
IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to perform unauthorized actions using man in the middle techniques due to improper certificate validation.
- CVE-2025-33142MEDIUMCVSS 5.3EG 5.32025-08-14
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections.
- CVE-2025-34066HIGHCVSS 8.3EG 8.32025-07-01
An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with --no-check-certificate in scripts like SyncCloudAccount.sh and SyncPermit.sh. This exposes HTTPS communications to man…
- CVE-2025-34199HIGHCVSS 8.1EG 8.12025-09-19
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1049 and Application versions prior to 20.0.2786 (VA and SaaS deployments) contain insecure defaults and code patterns that disable TLS/SSL certificate ver…
- CVE-2025-34235HIGHCVSS 7.8EG 7.82025-09-29
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (Windows client deployments) contain a registry key that can be enabled by administrators, causing the client …
- CVE-2025-3463CRITICALCVSS 9.4EG 9.42025-05-09
"This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation vulnerability in ASUS DriverHub may allow untrusted sources to affect system behavior via crafted HTTP …
- CVE-2025-35434MEDIUMCVSS 4.2EG 4.22025-09-17
CISA Thorium does not validate TLS certificates when connecting to Elasticsearch. An unauthenticated attacker with access to a Thorium cluster could impersonate the Elasticsearch service. Fixed in 1.1.2.
- CVE-2025-35983MEDIUMCVSS 6.5EG 6.52025-07-10
Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a limited denial of service or perform privileged overrides during the initial configuration of the Con…
- CVE-2025-36005MEDIUMCVSS 5.9EG 5.92025-07-24
IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0, and MQ Operator SC2 3.2.0 through 3.2.13 Internet Pass-Thru could allow a malicious user to obtain sensit…
- CVE-2025-36041MEDIUMCVSS 4.7EG 4.72025-06-15
IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1 through 3.5.3, and MQ Operator SC2 3.2.0 through 3.2.12 Native HA CRR could be configured with a private key and …
- CVE-2025-37730MEDIUMCVSS 6.5EG 6.52025-05-06
Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle (MitM) attack in “client” mode, as hostname verification in TCP output was not being performed when the ssl_verification_mode => full was set.
- CVE-2025-39205MEDIUMCVSS 6.5EG 6.52025-06-24
A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product. The certificate validation of the TLS protocol allows remote Man-in-the-Middle attack due to missing proper validation.
- CVE-2025-40744HIGHCVSS 7.5EG 7.52025-11-11
A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 11). Affected applications do not properly validate client certificates to connect to License Service endpoint. This could allow an unauthenticated remo…
- CVE-2025-40745LOWCVSS 3.7EG 3.72026-04-14
A vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Simcenter STAR-CCM+ (All versions < V2602), Solid Edge SE2025 …
- CVE-2025-40800HIGHCVSS 7.4EG 7.42025-12-09
A vulnerability has been identified in COMOS V10.6 (All versions < V10.6.1), COMOS V10.6 (All versions < V10.6.1), NX V2412 (All versions < V2412.8700), NX V2506 (All versions < V2506.6000), Simcenter 3D (All versions < V2506.6000), Simcen…
- CVE-2025-40801HIGHCVSS 8.1EG 8.12025-12-09
A vulnerability has been identified in COMOS V10.6 (All versions < V10.6.1), COMOS V10.6 (All versions < V10.6.1), JT Bi-Directional Translator for STEP (All versions), NX V2412 (All versions < V2412.8900 with Cloud Entitlement (bundled as…
- CVE-2025-42611MEDIUMCVSS 6.5EG 6.52026-05-05
RouterOS provides various services that rely on correct verification of client and server certificates to secure confidentiality and integrity of communications. This includes OpenVPN, CAPsMAN, Dot1x (802.1X), among others. The vulnerab…
- CVE-2025-44018HIGHCVSS 8.3EG 8.32025-11-24
A firmware downgrade vulnerability exists in the OTA Update functionality of GL-Inet GL-AXT1800 4.7.0. A specially crafted .tar file can lead to a firmware downgrade. An attacker can perform a man-in-the-middle attack to trigger this vulne…
- CVE-2025-44964LOWCVSS 3.9EG 3.92025-08-05
A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information.
- CVE-2025-4575MEDIUMCVSS 6.5EG 6.52025-05-22
Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it wil…
- CVE-2025-46070CRITICALCVSS 9.8EG 9.82026-01-12
An issue in Automai BotManager v.25.2.0 allows a remote attacker to execute arbitrary code via the BotManager.exe component
- CVE-2025-46551LOWCVSS 3.7EG 3.72025-05-07
JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library. Starting in JRuby-OpenSSL version 0.12.1 and prior to version 0.15.4 (corresponding to JRuby versions starting in 9.3.4.0 prior to 9.4.12.1 and 10.0.0.…
- CVE-2025-46788HIGHCVSS 7.4EG 7.42025-07-10
Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an unauthorized user to conduct an information disclosure via network access.
- CVE-2025-48393MEDIUMCVSS 5.7EG 5.72025-08-06
The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest firmwar…
- CVE-2025-48802MEDIUMCVSS 6.5EG 6.52025-07-08
Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.
- CVE-2025-4947MEDIUMCVSS 6.5EG 6.52025-05-28
libcurl accidentally skips the certificate verification for QUIC connections when connecting to a host specified as an IP address in the URL. Therefore, it does not detect impostors or man-in-the-middle attacks.
- CVE-2025-5025MEDIUMCVSS 4.8EG 4.82025-05-28
libcurl supports *pinning* of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works…
- CVE-2025-50944HIGHCVSS 8.8EG 8.82025-09-15
An issue was discovered in the method push.lite.avtech.com.MySSLSocketFactoryNew.checkServerTrusted in AVTECH EagleEyes 2.0.0. The custom X509TrustManager used in checkServerTrusted only checks the certificate's expiration date, skipping p…
- CVE-2025-52598LOWCVSS 3.7EG 3.72025-12-26
Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has found a flaw that camera's client service does not perform certificate validation. The manufacturer has…
- CVE-2025-5279HIGHCVSS 7.0EG 7.02025-05-27
When the Amazon Redshift Python Connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, the driver skips the SSL certificate validation step for the Identity Provider. An insecure connection could allow an actor to i…
- CVE-2025-52919MEDIUMCVSS 4.3EG 4.32025-06-21
In Yealink RPS before 2025-05-26, the certificate upload function does not properly validate certificate content, potentially allowing invalid certificates to be uploaded.
- CVE-2025-53869LOWCVSS 3.7EG 3.72026-01-29
Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificate…
- CVE-2025-54470HIGHCVSS 8.6EG 8.62025-10-30
This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server. In affected versions, NeuVecto…
- CVE-2025-54607HIGHCVSS 7.7EG 7.72025-08-06
Authentication management vulnerability in the ArkWeb module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2025-54809HIGHCVSS 7.4EG 7.42025-08-13
F5 Access for Android before version 3.1.2 which uses HTTPS does not verify the remote endpoint identity. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
- CVE-2025-55109CRITICALCVSS 9.0EG 9.02025-09-16
An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions when using an empty or default kdb keystore or a default PKCS#12 keystore. A remote …
- CVE-2025-56231CRITICALCVSS 9.1EG 9.12025-11-05
Tonec Internet Download Manager 6.42.41.1 and earlier suffers from Missing SSL Certificate Validation, which allows attackers to bypass update protections.
- CVE-2025-58123MEDIUMCVSS 4.8EG 4.82025-08-28
Improper Certificate Validation in Checkmk Exchange plugin BGP Monitoring allows attackers in MitM position to intercept traffic.
- CVE-2025-58124MEDIUMCVSS 4.8EG 4.82025-08-28
Improper Certificate Validation in Checkmk Exchange plugin check-mk-api allows attackers in MitM position to intercept traffic.
- CVE-2025-58125MEDIUMCVSS 4.8EG 4.82025-08-28
Improper Certificate Validation in Checkmk Exchange plugin Freebox v6 agent allows attackers in MitM position to intercept traffic.
- CVE-2025-58126MEDIUMCVSS 4.8EG 4.82025-08-28
Improper Certificate Validation in Checkmk Exchange plugin VMware vSAN allows attackers in MitM position to intercept traffic.
- CVE-2025-58127MEDIUMCVSS 4.8EG 4.82025-08-28
Improper Certificate Validation in Checkmk Exchange plugin Dell Powerscale allows attackers in MitM position to intercept traffic.
- CVE-2025-58188HIGHCVSS 7.5EG 7.52025-10-29
Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.
- CVE-2025-58781MEDIUMCVSS 4.8EG 4.82025-09-12
WTW-EAGLE App does not properly validate server certificates, which may allow a man-in-the-middle attacker to monitor encrypted traffic.
- CVE-2025-59347MEDIUMCVSS 6.5EG 6.52025-09-17
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, The Manager disables TLS certificate verification in HTTP clients. The clients are not configurable, so users have no way to re-enable t…
- CVE-2025-59353HIGHCVSS 7.5EG 7.52025-09-17
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, a peer can obtain a valid TLS certificate for arbitrary IP addresses, effectively rendering the mTLS authentication useless. The issue i…
- CVE-2025-60022MEDIUMCVSS 4.8EG 4.82025-11-17
Improper certificate validation vulnerability exists in 'デジラアプリ' App for iOS prior to ver.80.10.00. If this vulnerability is exploited, a man-in-the-middle attack may allow an attacker to eavesdrop on and/or tamper with an encr…
Map vulnerabilities like CWE-295 to your infrastructure
EchelonGraph correlates every CVE — across CWE-295 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →