CWE-297: Improper Validation of Certificate with Host Mismatch
55 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-297 (page 2 of 2)
- CVE-2026-35563 | HIGH | CVSS 8.5 | EG 8.5 | 2026-06-01
It was identified that the LDAP client implementation in version 2.1.7 does not verify if the server certificate matches the intended LDAP hostname. While the underlying code validates the certificate chain against a trusted authority, t…
- CVE-2026-41603 | HIGH | CVSS 7.4 | EG 7.4 | 2026-04-28
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
- CVE-2026-42790 | HIGH | CVSS 8.1 | EG 8.1 | 2026-05-27
Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification. Two flaws combine to allow a sub…
- CVE-2026-43869 | HIGH | CVSS 7.3 | EG 7.3 | 2026-05-05
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
- CVE-2026-44467 | MEDIUM | CVSS 6.8 | EG 6.8 | 2026-05-13
The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. From 1.2581.0 to before 1.4304.0, Claude Desktop's SSH remote development feature verified only whether a hostname ex…