CVEs classified under CWE-599, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2025-12553 — CVSS 9.8 (critical): Email Server Certificate Verification Disabled.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVE-2026-25060 — CVSS 8.1 (high): OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, certificate verification is disabled by default for all storage driver…
CVE-2025-56230 — CVSS 7.5 (high): Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the update component.
CVE-2024-41265 — CVSS 7.5 (high): A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the…
CVE-2024-41253 — CVSS 7.1 (high): goframe v2.7.2 is configured to skip TLS certificate verification, possibly allowing attackers to execute a man-in-the-middle attack via…
CVE-2025-56232 — CVSS 6.8 (medium): GOG Galaxy 2.0.0.2 suffers from Missing SSL Certificate Validation. An attacker who controls the local network, DNS, or a proxy can perform…
CVE-2024-36755 — CVSS 6.8 (medium): D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest firmware version and downloading URL. This can…
CVE-2025-56146 — CVSS 5.3 (medium): Indian Bank IndSMART Android App 3.8.1 is vulnerable to Missing SSL Certificate Validation in NuWebViewActivity.
CVE-2025-63432 — CVSS 4.6 (medium): Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is Missing SSL Certificate Validation. The application fails to properly…