CVE-2025-9293

HIGH
2026-02-13 f23511db-6c3e-4e32-a477-6aa17d310630
Information Disclosure
7.7
CVSS 4.0
Share

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 22:02 vuln.today
CVE Published
Feb 13, 2026 - 02:16 nvd
HIGH 7.7

DescriptionNVD

A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication. An attacker in a privileged network position may be able to intercept or modify traffic if they can position themselves within the communication channel. Successful exploitation may compromise confidentiality, integrity, and availability of application data.

AnalysisAI

A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication.

Technical ContextAI

Classified as CWE-295 (Improper Certificate Validation). A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication. An attacker in a privileged network position may be able to intercept or modify traffic if they can position themselves within the communication channel. Successful exploitation may compromise confidentiality, integrity, and availability of application data.

RemediationAI

Monitor vendor advisories for a patch.

Share

CVE-2025-9293 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy