CVE-2026-42765
Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can...
CVE-2026-42764
Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...
CVE-2026-45447 Heap Use-After-Free in the PKCS7_verify() Function
Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS7 or S/MIME signed...
CVE-2026-42770 FFC-DH Peer Validation Uses Attacker-Supplied q
Issue summary: When EVP_PKEY_derive_set_peer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...
CVE-2026-42770
CVE-2026-42770 affects OpenSSL FIPS modules (4.0, 3.6, 3.5, 3.4, 3.0) and related deployments using EVP_PKEY_derive_set_peer() with DHX/X9.42 keys. The vulnerability arises when the subgroup check Y^q ≡ 1 (mod p) uses the peer’s q instead of the local key’s q, allowing a malicious X9.42 peer to c...
CVE-2026-42764 NULL Pointer Dereference in QUIC Server Initial Packet Handling
Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...
CVE-2026-34183
Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...
CVE-2026-34181
The CVE-2026-34181 issue affects PKCS#12 file processing in OpenSSL where insufficient input validation for PBMAC1 allows forging certificates and private keys. An attacker impersonating a user could cause a service that reads PKCS#12 files to accept forged certificates and keys with about a 1 in...
GHSA-HV4R-MVR4-25VW vulnerabilities
Vulnerabilities for packages: minio, minio-fips...
GHSA-H749-FXX7-PWPG vulnerabilities
Vulnerabilities for packages: minio, minio-fips...
CVE-2026-41145 vulnerabilities
Vulnerabilities for packages: minio, minio-fips...
CVE-2026-39414 vulnerabilities
Vulnerabilities for packages: minio, minio-fips...
CVE-2026-45536 vulnerabilities
Vulnerabilities for packages: trino, s3proxy-fips, apache-hop, neo4j, thingsboard, grpc-java-fips, spark, infinispan, localstack, cassandra, pinot, spark-kubernetes-operator-fips, zookeeper, hono, strimzi-kafka-operator, airbyte-server-fips, apache-pulsar-fips, zookeeper-fips, apache-nifi,...
GHSA-W573-9FFJ-6FF9 vulnerabilities
Vulnerabilities for packages: trino, s3proxy-fips, apache-hop, neo4j, thingsboard, grpc-java-fips, spark, infinispan, localstack, cassandra, pinot, spark-kubernetes-operator-fips, zookeeper, hono, strimzi-kafka-operator, airbyte-server-fips, apache-pulsar-fips, zookeeper-fips, apache-nifi,...
GHSA-3QP7-7MW8-WX86 vulnerabilities
Vulnerabilities for packages: trino, commercial-elasticsearch, s3proxy-fips, apache-hop, ghidra, neo4j, opensearch, thingsboard, grpc-java-fips, elasticsearch, spark, infinispan, knative-kafka-broker, localstack, akhq, cassandra, pinot, selenium, logstash, hono, spark-kubernetes-operator-fips,...
CVE-2026-45416 vulnerabilities
Vulnerabilities for packages: trino, commercial-elasticsearch, s3proxy-fips, apache-hop, ghidra, neo4j, opensearch, thingsboard, grpc-java-fips, elasticsearch, spark, infinispan, knative-kafka-broker, localstack, akhq, cassandra, pinot, selenium, logstash, hono, spark-kubernetes-operator-fips,...
GHSA-X4GW-5CX5-PGMH vulnerabilities
Vulnerabilities for packages: trino, commercial-elasticsearch, s3proxy-fips, apache-hop, ghidra, neo4j, opensearch, thingsboard, grpc-java-fips, elasticsearch, spark, infinispan, knative-kafka-broker, localstack, akhq, cassandra, pinot, selenium, logstash, hono, spark-kubernetes-operator-fips,...
CVE-2026-44249 vulnerabilities
Vulnerabilities for packages: trino, commercial-elasticsearch, s3proxy-fips, apache-hop, ghidra, neo4j, opensearch, thingsboard, grpc-java-fips, elasticsearch, spark, infinispan, knative-kafka-broker, localstack, akhq, cassandra, pinot, selenium, logstash, hono, spark-kubernetes-operator-fips,...
GHSA-QP9X-WP8F-QGJJ vulnerabilities
Vulnerabilities for packages: datadog-agent, datadog-agent-fips...
GHSA-6GHJ-FRRJ-JJJ3 vulnerabilities
Vulnerabilities for packages: trino, seata, apache-hop, apache-hop-fips, management-api-for-apache-cassandra-4.1, pinot-fips, thingsboard, celeborn, tez, management-api-for-apache-cassandra-5.0, management-api-for-apache-cassandra-4.0, pinot...