Security Advisories

CVEs and security vulnerabilities discovered and responsibly disclosed by the RasterSec team.

RSEC-2025-001 May 23, 2025

RSEC-2025-001: 3X-UI Update Accepts Forged Server Certificates

3X-UI before v2.5.3 accepts arbitrary server certificate for updates.