openssl

Top products

The 15 most recently published vulnerabilities affecting openssl.

• CVE-2026-45447Heap Use-After-Free in the PKCS7_verify() Function8.8Jun 9, 2026
• CVE-2026-45446Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes4.8Jun 9, 2026
• CVE-2026-45445AES-OCB IV Ignored on EVP_Cipher() Path7.5Jun 9, 2026
• CVE-2026-42771Possible Out of Bounds Read in X509_VERIFY_PARAM_set1_email()6.2Jun 9, 2026
• CVE-2026-42770FFC-DH Peer Validation Uses Attacker-Supplied q3.7Jun 9, 2026
• CVE-2026-42769Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate5.3Jun 9, 2026
• CVE-2026-42768Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()3.7Jun 9, 2026
• CVE-2026-42767NULL Pointer Dereference in CRMF EncryptedValue Decryption5.9Jun 9, 2026
• CVE-2026-42766Possible NULL Dereference in Password-Based CMS Decryption5.9Jun 9, 2026
• CVE-2026-42765NULL Dereference in Certificate Verification with OCSP Checking7.5Jun 9, 2026
• CVE-2026-42764NULL Pointer Dereference in QUIC Server Initial Packet Handling7.5Jun 9, 2026
• CVE-2026-35188Double-free When Checking OCSP Stapled Response5.0Jun 9, 2026
• CVE-2026-34183Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler7.5Jun 9, 2026
• CVE-2026-34182CMS AuthEnvelopedData Processing May Accept Forged Messages9.1Jun 9, 2026
• CVE-2026-34181PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys7.4Jun 9, 2026