TencentOS Server 4: edk2 (TSSA-2026:0116)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0116 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

AI Found Twelve New Vulnerabilities in OpenSSL

The title of the post is"What AI Security Research Looks Like When It Works," and I agree: In the latest OpenSSL security release on January 27, 2026, twelve new zero-day vulnerabilities meaning unknown to the maintainers at time of disclosure were announced. Our AI system is responsible for the...

Slackware Linux 15.0 openssl Multiple Vulnerabilities (SSA:2026-037-02)

The version of openssl installed on the remote host is prior to 1.1.1ze. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-037-02 advisory. New openssl packages are available for Slackware 15.0 to fix security issues. Tenable has extracted the preceding...

openSUSE 16 Security Update : openssl-3 (openSUSE-SU-2026:20152-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20152-1 advisory. Security fixes: - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256829. - CVE-2025-15467: Stack buffer...

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:0359-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0359-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE validation in...

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:0360-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0360-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE validation in...

AlmaLinux 9 : openssl (ALSA-2026:1473)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1473 advisory. openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187 openssl: OpenSSL: Remote code execution or Deni...

SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:0331-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0331-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE...

RockyLinux 9 : openssl (RLSA-2026:1473)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1473 advisory. openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187 openssl: OpenSSL: Remote code execution or...

RockyLinux 10 : openssl (RLSA-2026:1472)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1472 advisory. openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187 openssl: OpenSSL: Remote code execution or...

SUSE SLES15 / openSUSE 15 Security Update : openssl-1_1 (SUSE-SU-2026:0346-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0346-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE...

RLSA-2026:1472 Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187...

MGASA-2026-0029 Updated openssl packages fix security vulnerabilities

Stack buffer overflow in CMS AuthEnvelopedData parsing. CVE-2025-15467 Heap out-of-bounds write in BIOflinebuffer on short writes. CVE-2025-68160 Unauthenticated/unencrypted trailing bytes with low-level OCB function calls. CVE-2025-69418 Out of bounds write in PKCS12getfriendlyname UTF-8...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : OpenSSL vulnerabilities (USN-7980-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7980-1 advisory. Stanislav Fort, Petr imeek, and Hamza discovered that OpenSSL incorrectly validated PBMAC1 parameters when doing PKCS12 MAC...

GHSA-HPC7-GCQM-58FV vulnerabilities

Vulnerabilities for packages: openssl...

GHSA-3VQQ-45QG-2XF6 vulnerabilities

Vulnerabilities for packages: openssl...

CVE-2025-66199 vulnerabilities

Vulnerabilities for packages: openssl...

CVE-2025-69421 vulnerabilities

Vulnerabilities for packages: openssl...

GHSA-W9RV-XC8M-CMQP vulnerabilities

Vulnerabilities for packages: openssl...

GHSA-RHX3-FG8P-F9M4 vulnerabilities

Vulnerabilities for packages: openssl...