Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

SUSE Linux
SUSE Linuxadded 2026/04/23 3:53 p.m.2 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...

8.2CVSS6.1AI score0.0014EPSS
Exploits0References20
RedhatCVE
RedhatCVEadded 2026/04/10 9:36 a.m.2 views

CVE-2026-28389

A flaw was found in OpenSSL. A remote attacker could exploit this by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message with KeyAgreeRecipientInfo. This vulnerability arises because the software attempts to process an optional field without verifying its existence,...

7.5CVSS5.8AI score0.00113EPSS
Exploits0References4
SUSE CVE
SUSE CVEadded 2026/04/07 11:27 p.m.3 views

SUSE CVE-2026-28389

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of...

5.3CVSS5.9AI score0.00113EPSS
Exploits0References19
NVD
NVDadded 2026/04/07 10:16 p.m.1 views

CVE-2026-28389

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of...

7.5CVSS0.00113EPSS
Exploits0References8
Tenable Nessus
Tenable Nessusadded 2026/04/07 12:0 a.m.6 views

OpenSSL 1.0.2 < 1.0.2zp Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.2zp. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2zp advisory. - Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereferenc...

7.5CVSS5.9AI score0.0014EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/04/07 12:0 a.m.3 views

PT-2026-31038

Name of the Vulnerable Software and Affected Versions OpenSSL versions 3.0 through 3.6 Description Processing a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo can lead to a NULL pointer dereference. This can cause applications that process attacker-controlled CMS data to crash befor...

9.8CVSS5.8AI score0.0014EPSS
Exploits0References101
UbuntuCve
UbuntuCveadded 2026/04/07 12:0 a.m.1 views

CVE-2026-28389

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of...

7.5CVSS5.3AI score0.00113EPSS
Exploits0References4
Rows per page
Query Builder