CVE-2025-9293HIGH 8.1EPSS p12.9%

CVE-2025-9293CVE-2025-9293

Description

A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication. An attacker in a privileged network position may be able to intercept or modify traffic if they can position themselves within the communication channel. Successful exploitation may compromise confidentiality, integrity, and availability of application data.

Scoring

CVSS 3.18.1 (HIGH)
VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.22% probability of exploitation · percentile 12.9% · 2026-06-19T12:03:05Z
Published2026-02-13
Last modified2026-04-01

Underlying weaknesses· 1

CWE-295

References

  1. https://www.omadanetworks.com/us/support/faq/4969/
  2. https://www.tp-link.com/us/support/faq/4969/

1

TypeTargetConfidenceTier
WeaknessImproper Certificate Validationcwe-2950%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-49196
CVE
CVE-2026-9758
CVE
CVE-2026-50208
CVE
CVE-2025-7390
CVE
CVE-2025-59461
CVE
CVE-2025-30023
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.