Tag
high
advisory
OpenShift Router Vulnerability CVE-2026-46579: Mutual TLS Bypass via Header Injection
1 rule 2 TTPs 1 CVECVE-2026-46579 describes a vulnerability in the Red Hat OpenShift Router. When a Route is configured with `insecureEdgeTerminationPolicy` set to Allow, the HTTP frontend fails to remove `X-SSL-Client-*` headers from incoming requests, allowing unauthenticated attackers to bypass mutual TLS authentication and impersonate client certificate identities.
OpenShift Router
openshift
mtls
header-injection
cve-2026-46579
1r
2t
1c
high
advisory
Oxia TLS Certificate Chain Validation Failure
2 rules 1 TTPOxia's `trustedCertPool()` function fails to parse multi-certificate PEM bundles, leading to certificate chain validation failure and rejection of legitimate clients in mTLS deployments.
Oxia
tls
mtls
certificate-validation
vulnerability
2r
1t