Advanced Threat Data Export

Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.

Vulnerability Keyword

Date Range

Severity

Format

Upgrade Package

Data export is locked. Upgrade your package to enable filtering and downloading.

← Back to CVE List

CVE-2025-44005NVD

Description

An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks.

Severity Level

CRITICAL (10.0)

Published Date

17/12/2025

Last Modified

18/12/2025

Exploitation Status

UNKNOWN

References

https://github.com/smallstep/certificates/security/advisories/GHSA-h8cp-697h-8c8p
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2242
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2242