Slackware: Security Advisory (SSA:2026-101-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2023 : openssl, openssl-devel, openssl-fips-provider-latest (ALAS2023-2026-1586)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1586 advisory. Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388...

SUSE SLES12 Security Update : openssl-1_0_0 (SUSE-SU-2026:1256-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1256-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta C...

Slackware Linux 15.0 / current openssl Multiple Vulnerabilities (SSA:2026-101-01)

The version of openssl installed on the remote host is prior to 1.1.1zg / 3.5.6. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-101-01 advisory. New openssl packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted t...

USN-8155-2 openssl, openssl1.0 vulnerabilities

USN-8155-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for CVE-2026-28387 for openssl in Ubuntu 20.04 LTS. CVE-2026-28388 for openssl and openssl1.0 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS, and CVE-2026-28389 and...

OpenSSL 3.4.0 < 3.4.5 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.4.5. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.4.5 advisory. - Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit...

Advisory ROSA-SA-2026-3241

software: openssl 1.1.1w OS: ROSA-CHROME unaffected versions = openssl-1.1.1.1w-5 affected versions openssl-1.1.1.1w-5 CVE-ID: CVE-2025-68160 BDU-ID: 2026-01216 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the BIOflinebuffer function of the OpenSSL library is related to an operation exceeding...

GHSA-WJ64-GH9J-XM82 vulnerabilities

Vulnerabilities for packages: openssl...

Security Bulletin: IBM i is affected by multiple vulnerabilities in OpenSSL

Summary OpenSSL for IBM i is vulnerable to heap-based out-of-bounds write when parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters CVE-2025-15467, writing large, newline-free data into a BIO chain CVE-2025-68160, or calling PKCS12getfriendlyname functio...

Siemens SIDIS Prime

SUMMARY SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below. Siemens has released a new version of SIDIS Prime and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a...

Multiple vulnerabilities impact AIX due to OpenSSL

IBM SECURITY ADVISORY First Issued: Mon Mar 9 14:38:01 CDT 2026 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/openssladvisory46.asc Security Bulletin: Multiple vulnerabilities impact AIX due to OpenSSL...

NewStart CGSL MAIN 6.06 (SP) : openssl Multiple Vulnerabilities (NS-SA-2026-0004)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has openssl packages installed that are affected by multiple vulnerabilities: - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise...

TencentOS Server 4: edk2 (TSSA-2026:0116)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0116 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

AI Found Twelve New Vulnerabilities in OpenSSL

The title of the post is"What AI Security Research Looks Like When It Works," and I agree: In the latest OpenSSL security release on January 27, 2026, twelve new zero-day vulnerabilities meaning unknown to the maintainers at time of disclosure were announced. Our AI system is responsible for the...

Slackware Linux 15.0 openssl Multiple Vulnerabilities (SSA:2026-037-02)

The version of openssl installed on the remote host is prior to 1.1.1ze. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-037-02 advisory. New openssl packages are available for Slackware 15.0 to fix security issues. Tenable has extracted the preceding...

openSUSE 16 Security Update : openssl-3 (openSUSE-SU-2026:20152-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20152-1 advisory. Security fixes: - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256829. - CVE-2025-15467: Stack buffer...

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:0359-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0359-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE validation in...

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:0360-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0360-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE validation in...

AlmaLinux 9 : openssl (ALSA-2026:1473)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1473 advisory. openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187 openssl: OpenSSL: Remote code execution or Deni...

RockyLinux 10 : openssl (RLSA-2026:1472)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1472 advisory. openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187 openssl: OpenSSL: Remote code execution or...