Tag
medium
advisory
CVE-2026-34073: Incomplete DNS Name Constraint Enforcement Vulnerability
2 rules 1 CVECVE-2026-34073 is a vulnerability in unspecified Microsoft products due to incomplete DNS name constraint enforcement on peer names, potentially leading to certificate validation bypass.
certificate validation
man-in-the-middle
dns name constraint
tls
cve-2026-34073
2r
1c
high
advisory
Amazon Athena ODBC Driver Man-in-the-Middle Vulnerability
2 rules 1 TTP 1 CVEA man-in-the-middle vulnerability exists in Amazon Athena ODBC driver versions prior to 2.1.0.0 due to improper certificate validation, potentially allowing attackers to intercept authentication credentials when connecting to external identity providers.
cve-2026-35560
athena
odbc
man-in-the-middle
mitm
credential-theft
2r
1t
1c
high
advisory
Node-Forge Certificate Chain Verification Bypass due to basicConstraints Violation
2 rules 3 TTPs 1 IOCNode-forge's certificate chain verification fails to enforce RFC 5280 basicConstraints, allowing leaf certificates without basicConstraints and keyUsage extensions to act as Certificate Authorities, leading to potential certificate forgery and man-in-the-middle attacks.
certificate-forgery
man-in-the-middle
node-forge
basicConstraints
2r
3t
1i