Ayms Node-To Improper Certificate Validation Vulnerability

Vulnerability

A vulnerability exists in Ayms node-To master branch, where the application improperly validates TLS/SSL certificates. This is achieved by setting 'rejectUnauthorized' to false in the TLS socket options, which can allow man-in-the-middle attackers to spoof servers and intercept sensitive data.

Impact

Exploitation of this vulnerability could lead to man-in-the-middle attacks, allowing interception of sensitive data and server spoofing.

Added: Feb 23, 2026, 4:40 PM

Updated: Feb 23, 2026, 6:35 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

4.3

remediation

0.0

relevance

3.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

4.3

remediation

0.0

relevance

3.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ayms Node-To Improper Certificate Validation Vulnerability

Vulnerability

Impact

Affected Products

Ayms node-Tor

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating