CVE-2026-41081 | Apache Storm Client up to 2.8.6 TLS Client Authentication Failure certificate validation

Inserito da Angelo Barbosa | Apr 26, 2026 | CVE

A vulnerability was found in Apache Storm Client up to 2.8.6 and classified as critical. The affected element is an unknown function of the component TLS Client Authentication Failure Handler. The manipulation results in improper certificate validation.

This vulnerability is identified as CVE-2026-41081. The attack can be executed remotely. There is not any exploit available.

It is suggested to upgrade the affected component.

CVE-2026-41081 | Apache Storm Client up to 2.8.6 TLS Client Authentication Failure certificate validation

Post correlati

CVE-2022-28975 | Infoblox NIOS 8.5.2-409296 VLAN View Name cross site scripting

CVE-2024-7154 | TOTOLINK A3700R 9.1.2u.5822_B20200513 Password Reset /wizard.html access control

CVE-2024-44054 | CryoutCreations Fluida Plugin up to 1.8.8 on WordPress cross site scripting

CVE-2024-5812 | BeyondTrust BeyondInsight PasswordSafe prior 23.2.0.1293/23.3.0.959/24.1.1 API Request authentication spoofing