EUVD-2026-35474

🗓️ 09 Jun 2026 18:31:01Reported by EUVDType

Signed integer overflow sizing the Unicode destination in ASN1_mbstring_ncopy causes heap buffer overflow.

Reporter	Title	Published	Views	Family All 133
FreeBSD	OpenSSL -- Multiple vulnerabilities	9 Jun 202600:00	–	freebsd
FreeBSD	FreeBSD -- Multiple vulnerabilities in OpenSSL	9 Jun 202600:00	–	freebsd
Tenable Nessus	Amazon Linux 2023 : openssl, openssl-devel, openssl-fips-provider-latest (ALAS2023-2026-1853)	22 Jun 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : edk2, --advisory ALAS2-2026-3363 (ALAS-2026-3363)	22 Jun 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : openssl11, --advisory ALAS2-2026-3364 (ALAS-2026-3364)	22 Jun 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : openssl, --advisory ALAS2-2026-3365 (ALAS-2026-3365)	22 Jun 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : openssl-snapsafe, --advisory ALAS2OPENSSL-SNAPSAFE-2026-011 (ALASOPENSSL-SNAPSAFE-2026-011)	22 Jun 202600:00	–	nessus
Tenable Nessus	AlmaLinux 10 : openssl (ALSA-2026:25237)	11 Jun 202600:00	–	nessus
Tenable Nessus	Debian dla-4630 : libcrypto1.1-udeb - security update	15 Jun 202600:00	–	nessus
Tenable Nessus	Debian dsa-6335 : libcrypto3-udeb - security update	10 Jun 202600:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "ce89d2bf-25f3-398a-b22d-d8a9c2ea49dd",
        "vendor": {
          "name": "OpenSSL"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "033e001e-fbe2-3d05-ac21-091eecc09a51",
        "product": {
          "name": "OpenSSL",
          "vendor": {
            "name": "OpenSSL"
          }
        },
        "product_version": "4.0.0 <4.0.1"
      },
      {
        "id": "7f48bc35-4c86-3dad-afca-fd9e520f92eb",
        "product": {
          "name": "OpenSSL",
          "vendor": {
            "name": "OpenSSL"
          }
        },
        "product_version": "3.4.0 <3.4.6"
      },
      {
        "id": "cd4fdf15-68df-3118-93ed-8b31aeafdc72",
        "product": {
          "name": "OpenSSL",
          "vendor": {
            "name": "OpenSSL"
          }
        },
        "product_version": "3.5.0 <3.5.7"
      },
      {
        "id": "dcf93746-f2d3-3039-a2eb-ab0c7f0b08bf",
        "product": {
          "name": "OpenSSL",
          "vendor": {
            "name": "OpenSSL"
          }
        },
        "product_version": "3.6.0 <3.6.3"
      },
      {
        "id": "e4c20d65-38e9-3b0e-b686-899d4d540aef",
        "product": {
          "name": "OpenSSL",
          "vendor": {
            "name": "OpenSSL"
          }
        },
        "product_version": "3.0.0 <3.0.21"
      },
      {
        "id": "f523ef6a-2f6f-3cd3-ba46-3c141749d250",
        "product": {
          "name": "OpenSSL",
          "vendor": {
            "name": "OpenSSL"
          }
        },
        "product_version": "1.0.2 <1.0.2zq"
      },
      {
        "id": "f87681f1-4506-312e-89de-59def994a413",
        "product": {
          "name": "OpenSSL",
          "vendor": {
            "name": "OpenSSL"
          }
        },
        "product_version": "1.1.1 <1.1.1zh"
      }
    ]
  }
]

Source	Link
openssl-library	www.openssl-library.org/news/secadv/20260609.txt
github	www.github.com/openssl/security/commit/d32350ae8ef7426718f5aa9e383d4b51398ee255
github	www.github.com/openssl/security/commit/c332adaced43bcbb85f97410597e951c11ec3083
github	www.github.com/openssl/security/commit/80c15faaf78042bbb8654a0e234c50c381732f74
github	www.github.com/openssl/security/commit/4f8d2bddaa2c8e06f9c33390ee1717059a6e4be6
github	www.github.com/openssl/security/commit/bd17511070fb39a67bfa19682affb765e706a974
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-7383

09 Jun 2026 18:31Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.18.1

EPSS0.00358

SSVC