Mitm

Axios is vulnerable to a Prototype Pollution attack that can be escalated into a full Man-in-the-Middle (MITM) attack by injecting a malicious proxy configuration via `Object.prototype.proxy`, allowing attackers to intercept, read, and modify all HTTP traffic, including authentication credentials.

A man-in-the-middle attacker within the TI network can exploit CVE-2026-45575 in com.oviva.telematik:epa4all-client versions prior to 1.2.2 to substitute a forged discovery document and capture signed authentication material.

The epa4all-client library before version 1.2.2 is vulnerable to a TLS certificate validation issue, allowing a man-in-the-middle attacker to intercept SOAP traffic and sensitive patient data by presenting a malicious TLS certificate.

The goshs application disables SSH host key verification when using the --tunnel flag, making it vulnerable to man-in-the-middle attacks that expose plaintext HTTP traffic.

CVE-2026-0244 is an improper certificate validation vulnerability in Palo Alto Networks Prisma SD-WAN ION that allows a man-in-the-middle (MitM) attacker to impersonate the controller.

CVE-2026-0248 is an improper certificate validation vulnerability in Prisma Access Agent for Android and Chrome OS, enabling a man-in-the-middle (MitM) attack to intercept VPN traffic and capture sensitive device information by presenting a certificate issued by a trusted Certificate Authority.

The ex_webrtc library is vulnerable to a man-in-the-middle attack due to missing DTLS peer certificate fingerprint validation in the DTLS client role, potentially allowing interception of media and data channels when chained with insecure signaling or a peer with similar validation gaps; upgrade to versions 0.15.1 or 0.16.1 to mitigate this vulnerability.

CVE-2025-14821 in libssh allows local man-in-the-middle attacks, SSH downgrade attacks, and trusted host manipulation due to insecure default configuration loading from a world-writable directory on Windows.

A man-in-the-middle vulnerability exists in Amazon Athena ODBC driver versions prior to 2.1.0.0 due to improper certificate validation, potentially allowing attackers to intercept authentication credentials when connecting to external identity providers.

UniFi Network Controller versions before 5.10.22 and 5.11.x before 5.11.18 contain an improper certificate verification vulnerability, enabling adjacent network attackers to perform man-in-the-middle attacks by presenting a fraudulent SSL certificate during SMTP connections to intercept traffic and steal credentials.

SUSE Harvester's Rancher integration mechanism is vulnerable to a man-in-the-middle attack due to insecure TLS options, potentially leading to denial of service.

The modification of root certificates on Windows systems by unauthorized processes can allow attackers to masquerade malicious files as valid signed components and intercept/decrypt SSL traffic, leading to defense evasion and data collection.

Beghelli Sicuro24 SicuroWeb is vulnerable to arbitrary JavaScript execution due to embedding an end-of-life AngularJS 1.5.2 component with known sandbox escape primitives combined with template injection, enabling attackers to compromise operator browser sessions via MITM attacks.