Total
41 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-26214 | 2026-06-17 | N/A | 7.4 HIGH | ||
| Galaxy FDS Android SDK (XiaoMi/galaxy-fds-sdk-android) version 3.0.8 and prior disable TLS hostname verification when HTTPS is enabled (the default configuration). In GalaxyFDSClientImpl.createHttpClient(), the SDK configures Apache HttpClient with SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER, which accepts any valid TLS certificate regardless of hostname mismatch. Because HTTPS is enabled by default in FDSClientConfiguration, all applications using the SDK with default settings are affected. This vulnerability allows a man-in-the-middle attacker to intercept and modify SDK communications to Xiaomi FDS cloud storage endpoints, potentially exposing authentication credentials, file contents, and API responses. The XiaoMi/galaxy-fds-sdk-android open source project has reached end-of-life status. | |||||
| CVE-2025-68637 | 1 Apache | 1 Uniffle | 2026-06-17 | N/A | 9.1 CRITICAL |
| The Uniffle HTTP client is configured to trust all SSL certificates and disables hostname verification by default. This insecure configuration exposes all REST API communication between the Uniffle CLI/client and the Uniffle Coordinator service to potential Man-in-the-Middle (MITM) attacks. This issue affects all versions from before 0.10.0. Users are recommended to upgrade to version 0.10.0, which fixes the issue. | |||||
| CVE-2025-68161 | 1 Apache | 1 Log4j | 2026-06-17 | N/A | 4.8 MEDIUM |
| The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.html#SslConfiguration-attr-verifyHostName configuration attribute or the log4j2.sslVerifyHostName https://logging.apache.org/log4j/2.x/manual/systemproperties.html#log4j2.sslVerifyHostName system property is set to true. This issue may allow a man-in-the-middle attacker to intercept or redirect log traffic under the following conditions: * The attacker is able to intercept or redirect network traffic between the client and the log receiver. * The attacker can present a server certificate issued by a certification authority trusted by the Socket Appender’s configured trust store (or by the default Java trust store if no custom trust store is configured). Users are advised to upgrade to Apache Log4j Core version 2.25.3, which addresses this issue. As an alternative mitigation, the Socket Appender may be configured to use a private or restricted trust root to limit the set of trusted certificates. | |||||
| CVE-2025-59060 | 1 Apache | 1 Ranger | 2026-06-17 | N/A | 5.3 MEDIUM |
| Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions <= 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue. | |||||
| CVE-2025-4295 | 2026-06-17 | N/A | 4.6 MEDIUM | ||
| Improper Validation of Certificate with Host Mismatch vulnerability in HotelRunner B2B allows HTTP Response Splitting. This issue affects B2B: before 04.06.2025. | |||||
| CVE-2025-49015 | 1 Couchbase | 1 .net Sdk | 2026-06-17 | N/A | 4.9 MEDIUM |
| The Couchbase .NET SDK (client library) before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default. | |||||
| CVE-2025-46408 | 1 Avtech | 1 Eagleeyes\(lite\) | 2026-06-17 | N/A | 9.8 CRITICAL |
| An issue was discovered in the methods push.lite.avtech.com.AvtechLib.GetHttpsResponse and push.lite.avtech.com.Push_HttpService.getNewHttpClient in AVTECH EagleEyes 2.0.0. The methods set ALLOW_ALL_HOSTNAME_VERIFIER, bypassing domain validation. | |||||
| CVE-2025-42921 | 1 Jetbrains | 1 Toolbox | 2026-06-17 | N/A | 4.2 MEDIUM |
| In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin | |||||
| CVE-2025-3501 | 2026-06-17 | N/A | 8.2 HIGH | ||
| A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended. | |||||
| CVE-2025-2190 | 1 Tecno | 1 Com.transsnet.store | 2026-06-17 | N/A | 8.1 HIGH |
| The mobile application (com.transsnet.store) has a man-in-the-middle attack vulnerability, which may lead to code injection risks. | |||||
| CVE-2025-25253 | 1 Fortinet | 2 Fortios, Fortiproxy | 2026-06-17 | N/A | 7.5 HIGH |
| An Improper Validation of Certificate with Host Mismatch vulnerability [CWE-297] in FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions and FortiOS version 7.6.2 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions ZTNA proxy may allow an unauthenticated attacker in a man-in-the middle position to intercept and tamper with connections to the ZTNA proxy | |||||
| CVE-2025-15079 | 1 Haxx | 1 Curl | 2026-06-17 | N/A | 5.3 MEDIUM |
| When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl could still mistakenly accept connecting to hosts *not present* in the specified file if they were added as recognized in the libssh *global* known_hosts file. | |||||
| CVE-2024-8285 | 1 Redhat | 1 Kroxylicious | 2026-06-17 | N/A | 5.9 MEDIUM |
| A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. This issue is considered a high complexity attack, with additional high privileges required, as the attack would need access to the Kroxylicious configuration or a peer system. The result of a successful attack impacts both data integrity and confidentiality. | |||||
| CVE-2024-7346 | 1 Progress | 1 Openedge | 2026-06-17 | N/A | 7.2 HIGH |
| Host name validation for TLS certificates is bypassed when the installed OpenEdge default certificates are used to perform the TLS handshake for a networked connection. This has been corrected so that default certificates are no longer capable of overriding host name validation and will need to be replaced where full TLS certificate validation is needed for network security. The existing certificates should be replaced with CA-signed certificates from a recognized certificate authority that contain the necessary information to support host name validation. | |||||
| CVE-2024-54019 | 1 Fortinet | 1 Forticlient | 2026-06-17 | N/A | 4.8 MEDIUM |
| A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allow an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of redirection. | |||||
| CVE-2024-49782 | 3 Ibm, Linux, Microsoft | 3 Openpages With Watson, Linux Kernel, Windows | 2026-06-17 | N/A | 6.8 MEDIUM |
| IBM OpenPages with Watson 8.3 and 9.0 could allow a remote attacker to spoof mail server identity when using SSL/TLS security. An attacker could exploit this vulnerability to gain access to sensitive information disclosed through email notifications generated by OpenPages or disrupt notification delivery. | |||||
| CVE-2024-38324 | 1 Ibm | 1 Storage Defender | 2026-06-17 | N/A | 5.9 MEDIUM |
| IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system. | |||||
| CVE-2024-37015 | 2026-06-17 | N/A | 7.4 HIGH | ||
| An issue was discovered in Ada Web Server 20.0. When configured to use SSL (which is not the default setting), the SSL/TLS used to establish connections to external services is done without proper hostname validation. This is exploitable by man-in-the-middle attackers. | |||||
| CVE-2024-34447 | 2026-06-17 | N/A | 7.5 HIGH | ||
| An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 (ships with BC Java 1.78, BC Java (LTS) 2.73.6) and before BC FIPS TLS Java 1.0.19. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP address in some situations, opening up a possibility of DNS poisoning. | |||||
| CVE-2024-32868 | 1 Zitadel | 1 Zitadel | 2026-06-17 | N/A | 6.5 MEDIUM |
| ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. While ZITADEL already gives administrators the option to define a `Lockout Policy` with a maximum amount of failed password check attempts, there was no such mechanism for (T)OTP checks. This issue has been patched in version 2.50.0. | |||||