By weakness (CWE)

CWE-299: related vulnerabilities

CVEs classified under CWE-299. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

1 published vulnerability

  • CVE-2026-6899MEDIUM 5.6

    A flaw in S2OPC library's CycloneCrypto cryptographic wrapper causes the system to stop checking certificate revocation status after finding the first Certificate Revocation List (CRL) from a Certificate Authority. If additional CRLs exist for the same CA, they are ignored. This means a client or server using a revoked certificate could establish an OPC UA connection when it should be rejected, potentially allowing unauthorized communication with compromised credentials.