AlmaLinux 9 : edk2 (ALSA-2026:2776)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:2776 advisory. openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 Tenable has extracted the preceding description block directly from the AlmaLinux security...

Amazon Linux 2 : edk2, --advisory ALAS2-2026-3150 (ALAS-2026-3150)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3150 advisory. Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. CVE-2025-68160 When using...

Medium: curl

Issue Overview: curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more. CVE-2025-10966 broken TLS options for threaded LDAPS NOTE:...

Important: openssl11

Issue Overview: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. CVE-2025-68160 When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths,...

Important: openssl

Issue Overview: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. CVE-2025-68160 A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TY...

Important: openssl-snapsafe

Issue Overview: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. CVE-2025-68160 A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TY...

Amazon Linux 2 : openssl11, --advisory ALAS2-2026-3169 (ALAS-2026-3169)

The version of openssl11 installed on the remote host is prior to 1.1.1zf-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3169 advisory. Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...

Amazon Linux 2 : openssl-snapsafe, --advisory ALAS2OPENSSL-SNAPSAFE-2026-009 (ALASOPENSSL-SNAPSAFE-2026-009)

The version of openssl-snapsafe installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2OPENSSL-SNAPSAFE-2026-009 advisory. Writing large, newline-free data into a BIO chain using the line-buffering filter where the next...

Amazon Linux 2 : openssl, --advisory ALAS2-2026-3168 (ALAS-2026-3168)

The version of openssl installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3168 advisory. Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writ...

Amazon Linux 2023 : openssl, openssl-devel, openssl-fips-provider-latest (ALAS2023-2026-1434)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1434 advisory. If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. CVE-2025-15468 A TLS 1.3...

OpenSSL Stack buffer overflow in CMS AuthEnvelopedData parsing

Brocade Security has become aware of a stack buffer overflow that could lead to a crash, causing Denial of Service, or potentially remote code execution. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.49 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.49 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.24 bug fix and security update

Red Hat OpenShift Container Platform release 4.19.24 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...

CVE-2026-23229

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

UBUNTU-CVE-2026-23229

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

CVE-2026-23229

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

CVE-2026-23229 crypto: virtio - Add spinlock protection with virtqueue notification

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

CVE-2026-23229

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

CVE-2026-23229

CVE-2026-23229 is a Linux kernel vulnerability in virtio-crypto where missing spinlock protection around virtqueue done notifications can cause hangs (e.g., openssl speed benchmark with multi-process workloads). Root cause: data virtqueue handling without spinlock protection in virtcrypto_done_ta...

AI Found Twelve New Vulnerabilities in OpenSSL

The title of the post is"What AI Security Research Looks Like When It Works," and I agree: In the latest OpenSSL security release on January 27, 2026, twelve new zero-day vulnerabilities meaning unknown to the maintainers at time of disclosure were announced. Our AI system is responsible for the...