A weakness in the certificate validation logic of the...
High severity
Unreviewed
Published
Jun 8, 2026
to the GitHub Advisory Database
•
Updated Jun 8, 2026
Description
Published by the National Vulnerability Database
Jun 8, 2026
Published to the GitHub Advisory Database
Jun 8, 2026
Last updated
Jun 8, 2026
A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could allow interception or modification of traffic traversing the VPN tunnel.
References