CVE-2026-50752
7.4 HIGHA weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a...
Published: 2026-06-08 · Last updated: 2026-06-08
Severity and scoring
- CVSS
- 7.4 HIGH
- Vector
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
- CWE
- CWE-295
Description
A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could allow interception or modification of traffic traversing the VPN tunnel.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-41714 — Applications that configure their broker connection via RabbitConnectionFactoryBean.setUri("amqps://...") without also calling setUseSSL(... (4.0 MEDIUM)
- CVE-2026-42769 — Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (... (5.3 MEDIUM)
- CVE-2026-45745 — Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities (8.0 HIGH)
- CVE-2026-41859 — A network man-in-the-middle between nats-sync and the BOSH director can steal the director credentials (Basic auth header or UAA client s... (7.8 HIGH)
- CVE-2026-49267 — Apache Airflow's EmailOperator and the underlying `airflow.utils.email` helpers established SMTP STARTTLS connections without verifying t... (5.9 MEDIUM)