CVE-2026-22796

🗓️ 27 Jan 2026 16:01:28Reported by opensslType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 56 Views

CVE-2026-22796 causes type confusion in PKCS7_digest_from_attributes causing denial of service.

Reporter	Title	Published	Views	Family All 231
FreeBSD	OpenSSL -- Multiple vulnerabilities	27 Jan 202600:00	–	freebsd
IBM Security Bulletins	Security Bulletin: This Power System update is being released to address CVE-2026-22796	14 May 202616:40	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in openssl affects IBM Netezza Appliance	12 May 202606:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ is affected by multiple CVEs (CVE-2025-11187, CVE-2025-15467, CVE-2025-15468, CVE-2025-15469, CVE-2025-66199, CVE-2025-68160, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796)	2 Mar 202611:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities impact AIX/VIOS due to OpenSSL	9 Mar 202621:03	–	ibm
IBM Security Bulletins	Security Bulletin: This Power System update is being released to address CVE-2026-22796	14 May 202616:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in OpenSSL	13 Apr 202618:02	–	ibm
IBM Security Bulletins	Security Bulletin: This Power System update is being released to address CVE-2026-22796	4 May 202622:53	–	ibm
ATTACKERKB	CVE-2026-22796	27 Jan 202616:01	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : openssl, openssl-devel, openssl-fips-provider-latest (ALAS2023-2026-1434)	19 Feb 202600:00	–	nessus

NVD

Vulners

Node

openssl opensslRange1.0.2–1.0.2zn

openssl opensslRange1.1.1–1.1.1ze

openssl opensslRange3.0.0–3.0.19

openssl opensslRange3.3.0–3.3.6

openssl opensslRange3.4.0–3.4.4

openssl opensslRange3.5.0–3.5.5

openssl opensslRange3.6.0–3.6.1

[
  {
    "defaultStatus": "unaffected",
    "product": "OpenSSL",
    "vendor": "OpenSSL",
    "versions": [
      {
        "lessThan": "3.6.1",
        "status": "affected",
        "version": "3.6.0",
        "versionType": "semver"
      },
      {
        "lessThan": "3.5.5",
        "status": "affected",
        "version": "3.5.0",
        "versionType": "semver"
      },
      {
        "lessThan": "3.4.4",
        "status": "affected",
        "version": "3.4.0",
        "versionType": "semver"
      },
      {
        "lessThan": "3.3.6",
        "status": "affected",
        "version": "3.3.0",
        "versionType": "semver"
      },
      {
        "lessThan": "3.0.19",
        "status": "affected",
        "version": "3.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "1.1.1ze",
        "status": "affected",
        "version": "1.1.1",
        "versionType": "custom"
      },
      {
        "lessThan": "1.0.2zn",
        "status": "affected",
        "version": "1.0.2",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49
github	www.github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e
github	www.github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4
openssl-library	www.openssl-library.org/news/secadv/20260127.txt
github	www.github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12
github	www.github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-265688.html

12 May 2026 13:17Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.15.3

EPSS0.0052

SSVC

CWE-754