CVE-2025-70058
23.02.2026, 16:29
An issue pertaining to CWE-295: Improper Certificate Validation was discovered in YMFE yapi v1.12.0. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in the HTTPS agent configuration for Axios requestsEnginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.