Vulnerabilities

Report: Update: CVE-2026-41132 - CKAN: No certificate validation on STMP connection

2026-05-13 0 views admin

CVE ID :CVE-2026-41132 Published : May 13, 2026, 7:17 p.m. | 29 minutes ago Description :CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, the configured SMTP server may be spoofed with any certificate (e.g. self-signed), leaving credentials and all emails sent open to MITM attacks. This vulnerability is fixed in 2.10.10 and 2.11.5. Severity: 6.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-41132

Severity

MEDIUM

Published

May 13, 2026

🏷️ Tags

reportupdate41132certificatevalidationconnectionpublishedminutescverce

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: Update: CVE-2026-41132 - CKAN: No certificate validation on STMP connection

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-42032 - CKAN: Unauthenticated Authorization Bypass in `datastore_search_sql` - Expert Insights

Report: CVE-2026-42031 - CKAN: Unauthenticated SQL Injection and Authorization Bypass in `datastore_searc

Report: CVE-2026-41255 - CKAN: CSRF exemption primed by anonymous requests

Report: CVE-2026-42579 - Netty: DNS Codec Input Validation Bypass in Netty (Encoder + Decoder) - Complete Guide

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting