OpenSSL Security Advisory Assessment, January 2026

🗓️ 28 Jan 2026 00:00:00Reported by OpenJS FoundationType

nodejsblog

nodejsblog🔗 nodejs.org👁 7 Views

OpenSSL advisory lists 12 CVEs; three affect Node.js with PFX handling and will be fixed in updates.

Reporter	Title	Published	Views	Family All 896
GithubExploit	Exploit for CVE-2025-15467	28 Jan 202612:44	–	githubexploit
GithubExploit	Exploit for Out-of-bounds Write in Openssl	7 Apr 202613:40	–	githubexploit
GithubExploit	Exploit for Out-of-bounds Write in Openssl	14 Mar 202614:16	–	githubexploit
GithubExploit	Exploit for CVE-2025-15467	30 Jan 202600:04	–	githubexploit
IBM Security Bulletins	Security Bulletin: IBM i is affected by multiple vulnerabilities in OpenSSL	17 Mar 202621:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image	10 Mar 202612:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues	21 May 202615:53	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate with watsonx Assistant Cartridge	18 May 202607:00	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps	29 Apr 202613:24	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in OpenSSL affects IBM Netezza Appliance	23 Apr 202607:36	–	ibm

28 Jan 2026 00:00Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.17.5 - 8.8

EPSS0.02889

SSVC

OpenSSL Node.js PFX handling PKCS12 parsing CVE entries updates