openssl software foundation

Top products

The 15 most recently published vulnerabilities affecting openssl software foundation.

• CVE-2026-22796ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function5.3Jan 27, 2026
• CVE-2026-22795Missing ASN1_TYPE validation in PKCS#12 parsing5.5Jan 27, 2026
• CVE-2025-69421NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function7.5Jan 27, 2026
• CVE-2025-69420Missing ASN1_TYPE validation in TS_RESP_verify_response() function7.5Jan 27, 2026
• CVE-2025-69419Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion7.4Jan 27, 2026
• CVE-2025-69418Unauthenticated/unencrypted trailing bytes with low-level OCB function calls4.0Jan 27, 2026
• CVE-2025-68160Heap out-of-bounds write in BIO_f_linebuffer on short writes4.7Jan 27, 2026
• CVE-2025-66199TLS 1.3 CompressedCertificate excessive memory allocation5.9Jan 27, 2026
• CVE-2025-15469'openssl dgst' one-shot codepath silently truncates inputs >16MB5.5Jan 27, 2026
• CVE-2025-15468NULL dereference in SSL_CIPHER_find() function on unknown cipher ID5.9Jan 27, 2026
• CVE-2025-15467Stack buffer overflow in CMS (Auth)EnvelopedData parsing8.8Jan 27, 2026
• CVE-2025-11187Improper validation of PBMAC1 parameters in PKCS#12 MAC verification6.1Jan 27, 2026
• CVE-2025-9232Out-of-bounds read in HTTP client no_proxy handling5.9Sep 30, 2025
• CVE-2025-9231Timing side-channel in SM2 algorithm on 64 bit ARM6.5Sep 30, 2025
• CVE-2025-9230Out-of-bounds read & write in RFC 3211 KEK Unwrap7.5Sep 30, 2025