One CVE affecting TP-Link devices is included in this period’s broader batch under improper certificate validation (CWE-295). No active exploitation evidence was present in source data. TP-Link devices are broadly deployed in SMB and branch environments; certificate validation failures can enable man-in-the-middle attacks on management traffic. Verify affected device models and firmware versions via the TP-Link security advisory portal and apply available firmware updates.