CVE-2026-45446 Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

Issue summary: The implementations of AES-SIV RFC 5297 and AES-GCM-SIV RFC 8452 mishandle the authentication of AAD Additional Authenticated Data with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's...

CVE-2026-45446

Issue summary: The implementations of AES-SIV RFC 5297 and AES-GCM-SIV RFC 8452 mishandle the authentication of AAD Additional Authenticated Data with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's...

CVE-2026-45446

CVE-2026-45446 concerns OpenSSL implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452). The root cause is that the expected authentication tag is computed only when the decryption function processes non-empty data; if a caller provides AAD and then invokes DecryptFinal without any ciphe...

CVE-2026-42770

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

CVE-2026-42766 Possible NULL Dereference in Password-Based CMS Decryption

Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is define...

CVE-2026-42765 NULL Dereference in Certificate Verification with OCSP Checking

Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can...

CVE-2026-42764 NULL Pointer Dereference in QUIC Server Initial Packet Handling

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

CVE-2026-42764

In OpenSSL’s QUIC server implementation, receiving a QUIC initial packet with an invalid or expired token can trigger a NULL pointer dereference, potentially crashing the server and causing a Denial of Service. The issue occurs when address validation is disabled, specifically when SSL_LISTENER_F...

CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

CVE-2026-7383

The CVE concerns OpenSSL’s ASN1 mbstring handling (functions ASN1_mbstring_copy() and ASN1_mbstring_ncopy()). A signed integer overflow in sizing the destination buffer for Unicode output can cause a heap buffer overflow, potentially crashing a process or enabling attacker-controlled code executi...

[SECURITY] [DLA 4624-1] openssl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4624-1 [email protected] https://www.debian.org/lts/security/ Arnaud Rebillout June 09, 2026 https://wiki.debian.org/LTS -...

OpenSSL 4.0.0 < 4.0.1 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 4.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 4.0.1 advisory. - Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification...

OpenSSL 安全漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team, capable of implementing Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure hash...

OpenSSL 安全漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

OpenSSL 缓冲区错误漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

PT-2026-47844

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description A use-after-free condition occurs during PKCS7 signature verification when processing a specially crafted PKCS7 or S/MIME signed message. Specifically, if the SignedData digestAlgorithms fiel...

OpenSSL Toolkit 4.0.1

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 4.0 release...

PT-2026-47836

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description A NULL pointer dereference can occur during the decryption of password-encrypted Cryptographic Message Syntax CMS messages. The issue arises because the OpenSSL CMS implementation dereference...

PT-2026-47837

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description A NULL pointer dereference can occur in a CMP client application when processing a crafted CMP response. An attacker controlling a CMP server or acting as a man-in-the-middle can send a CRMF...