Product
high
advisory
epa4all-client Improper Verification of Cryptographic Signature Vulnerability (CVE-2026-45575)
2 rules 1 TTP 1 IOCA man-in-the-middle attacker within the TI network can exploit CVE-2026-45575 in com.oviva.telematik:epa4all-client versions prior to 1.2.2 to substitute a forged discovery document and capture signed authentication material.
epa4all-client
cve
mitm
credential-access
2r
1t
1i
medium
advisory
epa4all-client Library Vulnerable to TLS Certificate Validation Issue (CVE-2026-45574)
2 rules 1 TTP 1 IOCThe epa4all-client library before version 1.2.2 is vulnerable to a TLS certificate validation issue, allowing a man-in-the-middle attacker to intercept SOAP traffic and sensitive patient data by presenting a malicious TLS certificate.
epa4all-client
tls
certificate-validation
mitm
credential-access
cve-2026-45574
2r
1t
1i