CVEs classified under CWE-322, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2026-1709 — CVSS 9.4 (critical): A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS)…
CVE-2026-11745: A vulnerability has been identified in centraldogma-server-mirror-git versions prior to 0.84.0, where the Git mirror SSH client does not…
CVE-2025-13914 — CVSS 8.7 (high): A Key Exchange without Entity Authentication vulnerability in the SSH implementation of Juniper Networks Apstra allows a unauthenticated…
CVE-2025-20163 — CVSS 8.7 (high): A vulnerability in the SSH implementation of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote attacker…
CVE-2026-33697 — CVSS 7.5 (high): Cocos AI is a confidential computing system for AI. The current implementation of attested TLS (aTLS) in CoCoS is vulnerable to a relay…
CVE-2024-6572 — CVSS 7.4 (high): Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk…
CVE-2024-4871 — CVSS 6.8 (medium): A vulnerability was found in Satellite. When running a remote execution job on a host, the host's SSH key is not being checked. When the…
CVE-2026-1354 — CVSS 6.4 (medium): Zero Motorcycles firmware versions 44 and prior enable an attacker to forcibly pair a device with the motorcycle via Bluetooth. Once…