Key Information

Vulnerability Overview

Title: Manager generates mTLS certificates for arbitrary IP addresses
Severity: High
CVE ID: CVE-2025-59353
Affected Versions: <2.1.0
Fixed Version: 2.1.0

Impact

Description: Attackers can obtain valid TLS certificates for arbitrary IP addresses, effectively breaking mTLS authentication. The issue stems from the Manager's Certificate gRPC service not verifying whether the requested IP address belongs to the peer requesting the certificate.

Code Snippet:

Mitigation

Patch: Dragonfly v2.1.0 or later.

Workaround

Workaround: No effective workaround available; upgrade to the patched version is required.

References

Third-party security audit performed by Trail of Bits; full report available.

For questions or comments, contact dragonfly-maintainers@googlegroups.com.
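
The kind of check the description says was missing, as an added Go example (not Dragonfly's code and not the v2.1.0 patch): a CSR is accepted only if every IP SAN in it equals the address the request arrived from. The function names, the TCP-only peer handling and the sample addresses are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"fmt"
	"net"
)

// checkCSRIPs (hypothetical name) rejects a CSR unless every IP SAN equals
// the address the request arrived from (peerAddr, the connection's remote end).
func checkCSRIPs(csrDER []byte, peerAddr net.Addr) error {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return fmt.Errorf("parse CSR: %w", err)
	}
	tcp, ok := peerAddr.(*net.TCPAddr)
	if !ok {
		return fmt.Errorf("unsupported peer address type %T", peerAddr)
	}
	for _, ip := range csr.IPAddresses {
		if !ip.Equal(tcp.IP) { // Equal treats 4-byte and 16-byte IPv4 forms alike
			return fmt.Errorf("IP SAN %s does not match peer %s", ip, tcp.IP)
		}
	}
	return nil
}

// newCSR builds a constructed sample CSR carrying the given IP SANs.
func newCSR(ips ...net.IP) []byte {
	_, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.CertificateRequest{IPAddresses: ips}
	der, err := x509.CreateCertificateRequest(rand.Reader, tmpl, key)
	if err != nil {
		panic(err)
	}
	return der
}

func main() {
	peer := &net.TCPAddr{IP: net.ParseIP("10.0.0.5"), Port: 40000} // constructed peer
	fmt.Println(checkCSRIPs(newCSR(net.ParseIP("10.0.0.5")), peer))  // own address: accepted
	fmt.Println(checkCSRIPs(newCSR(net.ParseIP("10.0.0.99")), peer)) // other address: rejected
}
```

In a gRPC handler the peer address would come from `peer.FromContext(ctx)` (its `Addr` field); behind a load balancer or NAT that address is the proxy's, so the comparison only holds where the real source address is visible.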