CVE-2026-22795 Missing ASN1_TYPE validation in PKCS#12 parsing

🗓️ 27 Jan 2026 16:01:27Reported by opensslType

Low severity invalid pointer read in PKCS twelve parsing may cause denial of service.

Reporter	Title	Published	Views	Family All 219
IBM Security Bulletins	Security Bulletin: IBM i is affected by multiple vulnerabilities in OpenSSL	17 Mar 202621:40	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in openssl affects IBM Netezza Appliance	12 May 202606:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ is affected by multiple CVEs (CVE-2025-11187, CVE-2025-15467, CVE-2025-15468, CVE-2025-15469, CVE-2025-66199, CVE-2025-68160, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796)	2 Mar 202611:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities impact AIX/VIOS due to OpenSSL	9 Mar 202621:03	–	ibm
IBM Security Bulletins	Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in OpenSSL	13 Apr 202618:02	–	ibm
IBM Security Bulletins	Security Bulletin: IBM DataPower Gateway vulnerable to Denial of Service	27 Mar 202617:55	–	ibm
FreeBSD	OpenSSL -- Multiple vulnerabilities	27 Jan 202600:00	–	freebsd
ATTACKERKB	CVE-2026-22795	27 Jan 202616:01	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : openssl, openssl-devel, openssl-fips-provider-latest (ALAS2023-2026-1434)	19 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : edk2, --advisory ALAS2-2026-3150 (ALAS-2026-3150)	19 Feb 202600:00	–	nessus

[
  {
    "defaultStatus": "unaffected",
    "product": "OpenSSL",
    "vendor": "OpenSSL",
    "versions": [
      {
        "lessThan": "3.6.1",
        "status": "affected",
        "version": "3.6.0",
        "versionType": "semver"
      },
      {
        "lessThan": "3.5.5",
        "status": "affected",
        "version": "3.5.0",
        "versionType": "semver"
      },
      {
        "lessThan": "3.4.4",
        "status": "affected",
        "version": "3.4.0",
        "versionType": "semver"
      },
      {
        "lessThan": "3.3.6",
        "status": "affected",
        "version": "3.3.0",
        "versionType": "semver"
      },
      {
        "lessThan": "3.0.19",
        "status": "affected",
        "version": "3.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "1.1.1ze",
        "status": "affected",
        "version": "1.1.1",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49
github	www.github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e
github	www.github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4
openssl-library	www.openssl-library.org/news/secadv/20260127.txt
github	www.github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12
github	www.github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2

27 Jan 2026 16:01Current

EPSS0.00048

CWE-754