CVE ID : CVE-2025-41256
Published : June 25, 2025, 10:15 a.m. | 42 minutes ago
Description : Cyberduck and Mountain Duck improper handle TLS certificate pinning for untrusted certificates (e.g., self-signed), since the certificate fingerprint is stored as SHA-1, although SHA-1 is considered weak.
This issue affects Cyberduck: through 9.1.6; Mountain Duck: through 4.17.5.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Source: Read More