CVE-2025-69418

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

PT-2026-4948

Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.1.1 through 3.6 OpenSSL version 1.0.2 is not affected Description The issue relates to the handling of non-block-aligned input lengths when using the low-level OCB API directly with AES-NI or other hardware-accelerated code...