Lucene search
K

23388 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/25 4:56 p.m.5 views

CVE-2026-11999

X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...

8.2CVSS5.9AI score0.00145EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 4:51 p.m.7 views

CVE-2026-55961

wolfSSLPKCS7verify returning success for a degenerate certs-only PKCS7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The compatibility-layer verify path now rejects the object when no...

8.2CVSS5.8AI score0.00095EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/25 4:51 p.m.6 views

EUVD-2026-39491

wolfSSLPKCS7verify returning success for a degenerate certs-only PKCS7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The compatibility-layer verify path now rejects the object when no...

8.2CVSS5.8AI score0.00095EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 4:51 p.m.18 views

CVE-2026-55961

The CVE describes a flaw in wolfSSL where wolfSSL_PKCS7_verify() incorrectly reported success for a degenerate PKCS#7 object that contains no signer. In such objects, signerInfos is empty, so underlying signed-data verification could succeed without authenticating any content. The fix enforces th...

8.2CVSS5.8AI score0.00095EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/25 4:46 p.m.7 views

EUVD-2026-39486

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at an intermediate they control and have it accepted as valid. This affects the OpenSSL...

6CVSS5.9AI score0.00121EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 4:46 p.m.16 views

CVE-2026-6091

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. The vulnerability affects the wolfSSL OpenSSL compatibility certificate-path-building path (wolfSSL_X509_verify_cert / X509_STORE, OPENSSL_E...

6.5CVSS5.9AI score0.00121EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/25 10:42 a.m.3 views

RHSA-2026:28832 Red Hat Security Advisory: openssl-fips-provider security update

Bulletin has no description...

5.9CVSS7.3AI score0.00981EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52604

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists in the EVP DigestVerifyFinal function where a zero-length tag could be accepted as valid during HMAC Hash-based Message Authentication Code...

7.5CVSS5.7AI score0.00147EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52563

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description An X.509 trust-chain bypass exists in the OpenSSL compatibility certificate verifier function wolfSSL X509 verify cert. This issue occurs in builds configured with --enable-opensslextra OPENS...

8.7CVSS5.8AI score0.00145EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.12 views

PT-2026-52573

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description An issue exists where chain intermediate certificates asserting CA:TRUE but lacking the keyCertSign key usage were accepted as signing CAs. This occurs because chain-supplied temporary CAs...

6.3CVSS5.8AI score0.00118EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio – Add spinlock protection with virtqueue notification When a virtual machine boots with a virtio-crypto PCI device and a built-in backend, run the openssl benchmark command with multiple processes. For example:...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 9:5 a.m.2 views

SUSE-SU-2026:2621-1 Security update for openssl-1_1-livepatches

This update for openssl-11-livepatches fixes the following issues - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357...

8.8CVSS5.8AI score0.02719EPSS
Exploits0References4
OSV
OSV
added 2026/06/24 9:2 a.m.2 views

SUSE-SU-2026:2614-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. - CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption bsc1266349. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341....

8.8CVSS5.8AI score0.02719EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/24 7:54 a.m.4 views

openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without prope...

7.5CVSS7.3AI score0.00981EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/24 7:54 a.m.7 views

Moderate: Red Hat Security Advisory: openssl-fips-provider security update

An update for openssl-fips-provider is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions, Red Hat Enterprise Linux 9.4 Extended Update Support, and Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a...

7.5CVSS7.2AI score0.00981EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.16 views

RHEL 9 : openssl-fips-provider (RHSA-2026:28832)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28832 advisory. This package provides a custom build of the OpenSSL FIPS module that has been submitted to NIST for certification. Security Fixes: openssl: openssl:...

7.5CVSS7.4AI score0.00981EPSS
Exploits0References5
OSV
OSV
added 2026/06/23 3:39 p.m.7 views

SUSE-SU-2026:2598-1 Security update for openssl-3

This update for openssl-3 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. - CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...

8.8CVSS5.9AI score0.02719EPSS
Exploits0References17
RedHat Linux
RedHat Linux
added 2026/06/23 12:41 p.m.7 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: openssl-fips-provider: openssl-fips-provider-3.0.7-1.2.hum1 aarch64, x8664 openssl-fips-provider-so-3.0.7-1.2.hum1 aarch64, x8664 openssl-fips-provider-3.0.7-1.2.hum1.src src...

7.5CVSS7.3AI score0.00981EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/22 3:13 p.m.7 views

openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the "DEFAULT" keyword. A less preferred key exchange may be used...

6.5CVSS5.8AI score0.00435EPSS
Exploits0References7
OSV
OSV
added 2026/06/22 12:26 p.m.2 views

OPENSUSE-SU-2026:21005-1 Security update for openssl-3

This update for openssl-3 fixes the following issues - CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group bsc1259652. - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based...

9.1CVSS7.1AI score0.02719EPSS
Exploits0References30
Rows per page
Query Builder