CVE-2025-70045

Published February 23rd, 2026

View on NVD ↗

CVSS v3

7.4

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTPS request options when 'jx_obj.IsSecure' is true

jxcore/jxm

Incredibly fast messaging backend for Node.JS / JXcore

GitHub

227