CWE entry (abstraction: Base, status: Draft), with the 20 most recent CVEs classified under it
CWE-295: Improper Certificate Validation
Description
The product does not validate, or incorrectly validates, a certificate.
Common consequences
- Scope: Integrity, Authentication. Impact: Bypass Protection Mechanism; Gain Privileges or Assume Identity. When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. The product might connect to a malicious host while believing it is a tru
Potential mitigations
- Phase: Architecture and Design, Implementation. Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key. In practice this means verifying the chain to a trusted anchor, the validity period, revocation status where it is available, and that the name in the certificate (subjectAltName) is the host the client intended to reach; a failure in any of these checks should abort the connection rather than be suppressed with a "skip verification" flag.
- Phase: Implementation. If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname. Pinning supplements those checks; it does not replace them, since a pin on an unvalidated certificate only guarantees that you keep talking to whoever first presented it.
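The following is an added worked example, not part of the CWE entry or of any product it references. It shows the two mitigations above in code: a hostname check in the style of RFC 6125 (wildcard only as the whole left-most label, IP literals matched only against iPAddress SANs, subject CN ignored as current validators do), a pin check that is applied only after the hostname check passes, and the insecure versus hardened `ssl.SSLContext` configuration. The certificate dict, the `example.com` names, the TEST-NET-3 address and the DER stand-in bytes are all constructed for the example; the dict follows the shape that `ssl.SSLSocket.getpeercert()` returns.

```python
import hashlib
import hmac
import ipaddress
import ssl
from typing import Optional

# Constructed sample in the shape ssl.SSLSocket.getpeercert() returns; the
# names and the TEST-NET-3 address are hypothetical, not a real certificate.
CERT = {
    "subject": ((("commonName", "example.com"),),),
    "subjectAltName": (
        ("DNS", "example.com"),
        ("DNS", "*.example.com"),
        ("IP Address", "203.0.113.10"),
    ),
}
# A certificate that carries only a subject CN and no SAN (legacy pattern).
CN_ONLY_CERT = {"subject": ((("commonName", "example.com"),),), "subjectAltName": ()}
# Stand-in for the DER bytes a real peer certificate would be pinned on.
DER_SAMPLE = b"constructed stand-in for DER-encoded certificate bytes"


def dns_name_matches(pattern: str, hostname: str) -> bool:
    """RFC 6125-style dNSName match: case-insensitive, wildcard only as the whole
    left-most label, matching exactly one label ('*.example.com' covers
    'api.example.com' but not 'example.com' or 'a.b.example.com')."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    # Reject partial wildcards ('f*.example.com') and over-broad ones ('*.com');
    # a production validator would consult the public suffix list for the latter.
    if p_labels[0] != "*" or len(p_labels) < 3:
        return False
    if len(h_labels) != len(p_labels) or not h_labels[0]:
        return False
    return h_labels[1:] == p_labels[1:]


def hostname_matches_cert(cert: dict, hostname: str) -> bool:
    """True only if the certificate names the host we intended to reach.
    IP literals must match an iPAddress SAN exactly; DNS names must match a
    dNSName SAN. The subject CN is ignored, as current validators do."""
    san = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(hostname)
    except ValueError:
        ip = None
    if ip is not None:
        return any(t == "IP Address" and ipaddress.ip_address(v) == ip for t, v in san)
    return any(t == "DNS" and dns_name_matches(v, hostname) for t, v in san)


def pin_of(der_cert: bytes) -> str:
    """SHA-256 of the DER certificate: the value an operator records as the pin."""
    return hashlib.sha256(der_cert).hexdigest()


def accept_peer(cert: dict, der_cert: bytes, hostname: str, expected_pin: str) -> bool:
    """Pinning supplements chain and hostname validation; it never replaces them.
    Chain validation itself is done by the SSLContext (CERT_REQUIRED) before
    getpeercert() ever returns a populated dict."""
    if not hostname_matches_cert(cert, hostname):
        return False
    return hmac.compare_digest(pin_of(der_cert), expected_pin.lower())


def insecure_context() -> ssl.SSLContext:
    """The CWE-295 anti-pattern: 'fixing' a certificate error by switching
    validation off. Any certificate, self-signed or for another name, is accepted."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # must be cleared before verify_mode can be CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE  # no chain, expiry or name check at all
    return ctx


def hardened_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Chain to a trusted root (system store, or cafile for a private CA) plus
    hostname verification, both of which create_default_context() enables."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_verifies(ctx: ssl.SSLContext) -> bool:
    """Does this context reject unverified peers and check the hostname?"""
    return ctx.verify_mode == ssl.CERT_REQUIRED and ctx.check_hostname


if __name__ == "__main__":
    print("hardened verifies:", context_verifies(hardened_context()))
    print("insecure verifies:", context_verifies(insecure_context()))
    for host in ("api.example.com", "a.b.example.com", "203.0.113.10", "evil.example.org"):
        print(f"{host}: {hostname_matches_cert(CERT, host)}")
    print("pin + name ok:", accept_peer(CERT, DER_SAMPLE, "example.com", pin_of(DER_SAMPLE)))
```

The order in `insecure_context` is the one the `ssl` module enforces (`check_hostname` must be cleared before `verify_mode` can be set to `CERT_NONE`), which is why the anti-pattern usually appears as exactly these two lines in vulnerable code; grepping for `CERT_NONE` and `check_hostname = False` is a cheap first pass when auditing a codebase for this CWE.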
Related CWEs
Recent CVEs classified under this CWE
Each entry gives the CVE ID, its CVSS base score as listed, and the publication date.
- CVE-2026-50752 (CVSS 7.4, 2026-06-08)
- CVE-2026-45745 (CVSS 8.0, 2026-06-05)
- CVE-2026-41859 (CVSS 7.8, 2026-06-04)
- CVE-2026-49267 (CVSS 5.9, 2026-06-01)
- CVE-2026-47074 (no score listed, 2026-05-28)
- CVE-2026-42790 (CVSS 8.1, 2026-05-27)
- CVE-2026-42791 (CVSS 3.7, 2026-05-27)
- CVE-2026-42789 (CVSS 4.8, 2026-05-27)
- CVE-2026-45574 (CVSS 8.1, 2026-05-26)
- CVE-2026-44900 (CVSS 8.1, 2026-05-26)
- CVE-2026-44213 (CVSS 6.5, 2026-05-26)
- CVE-2026-42012 (CVSS 7.1, 2026-05-26)
- CVE-2026-48697 (CVSS 7.4, 2026-05-26)
- CVE-2026-32253 (CVSS 9.8, 2026-05-22)
- CVE-2026-39828 (CVSS 6.3, 2026-05-22)
- CVE-2026-48249 (CVSS 5.9, 2026-05-21)
- CVE-2026-48248 (CVSS 5.9, 2026-05-21)
- CVE-2026-48247 (CVSS 5.9, 2026-05-21)
- CVE-2026-48246 (CVSS 5.9, 2026-05-21)
- CVE-2026-41119 (CVSS 6.8, 2026-05-18)