CVE-2026-42767 NULL Pointer Dereference in CRMF EncryptedValue Decryption

🗓️ 09 Jun 2026 16:03:27Reported by opensslType

CVE-2026-42767: A NULL pointer dereference in CRMF EncryptedValue decryption can crash CMP clients.

Reporter	Title	Published	Views	Family All 43
FreeBSD	OpenSSL -- Multiple vulnerabilities	9 Jun 202600:00	–	freebsd
FreeBSD	FreeBSD -- Multiple vulnerabilities in OpenSSL	9 Jun 202600:00	–	freebsd
AlpineLinux	CVE-2026-42767	9 Jun 202616:03	–	alpinelinux
Chainguard	CVE-2026-42767 vulnerabilities	11 Jun 202613:18	–	cgr
Circl	CVE-2026-42767	10 Jun 202620:00	–	circl
CVE	CVE-2026-42767	9 Jun 202616:03	–	cve
Debian	[SECURITY] [DSA 6335-1] openssl security update	9 Jun 202621:45	–	debian
Debian CVE	CVE-2026-42767	9 Jun 202616:03	–	debiancve
Tenable Nessus	Debian dsa-6335 : libcrypto3-udeb - security update	10 Jun 202600:00	–	nessus
Tenable Nessus	FreeBSD : FreeBSD -- Multiple vulnerabilities in OpenSSL (a57fe2c1-6476-11f1-958d-bc241121aa0a)	11 Jun 202600:00	–	nessus

[
  {
    "defaultStatus": "unaffected",
    "product": "OpenSSL",
    "vendor": "OpenSSL",
    "versions": [
      {
        "lessThan": "4.0.1",
        "status": "affected",
        "version": "4.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "3.6.3",
        "status": "affected",
        "version": "3.6.0",
        "versionType": "semver"
      },
      {
        "lessThan": "3.5.7",
        "status": "affected",
        "version": "3.5.0",
        "versionType": "semver"
      },
      {
        "lessThan": "3.4.6",
        "status": "affected",
        "version": "3.4.0",
        "versionType": "semver"
      },
      {
        "lessThan": "3.0.21",
        "status": "affected",
        "version": "3.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
github	www.github.com/openssl/openssl/commit/61a86a8cd73546c9fea916f3d304c1293e05c046
github	www.github.com/openssl/openssl/commit/810b722f772652ad48042bcc7ab07e3414b11d0f
openssl-library	www.openssl-library.org/news/secadv/20260609.txt
github	www.github.com/openssl/openssl/commit/665d5254083affde9982efca7c41dd01cacc8774
github	www.github.com/openssl/openssl/commit/b90ff3b1bd33b1c18e6a09936d097c2eddef8873
github	www.github.com/openssl/openssl/commit/e6f912907fc2ec82a0fd07aae55172c5e5e3d90d

10 Jun 2026 07:48Current

EPSS0.00058

CWE-476