By weakness (CWE)
CWE-299: related vulnerabilities
CVEs classified under CWE-299. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
1 published vulnerability
- CVE-2026-6899MEDIUM 5.6
A flaw in S2OPC library's CycloneCrypto cryptographic wrapper causes the system to stop checking certificate revocation status after finding the first Certificate Revocation List (CRL) from a Certificate Authority. If additional CRLs exist for the same CA, they are ignored. This means a client or server using a revoked certificate could establish an OPC UA connection when it should be rejected, potentially allowing unauthorized communication with compromised credentials.