CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Keylime: >> Keylime >> 7.5.0 Security Vulnerabilities

CVE-2026-1709

A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate.

CVSS Score

9.4

EPSS Score

0.0

Published

2026-02-06

Page 1

Vulnerabilities

Vulnerable Software

Keylime: >> Keylime >> 7.5.0 Security Vulnerabilities

Products

Pricing

Contact Us