Security Advisory

CVE-2025-70058

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-23 00:00:00

Last updated 2026-02-25 14:22:25

Assigner mitre

State PUBLISHED

Description

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in YMFE yapi v1.12.0. The application disables TLS/SSL certificate validation by setting rejectUnauthorized: false in the HTTPS agent configuration for Axios requests

← Browse all CVEs View on cve.org ↗