OpenSSL fixes seven flaws including RSA KEM memory disclosure bug
OpenSSL released fixes for seven vulnerabilities across multiple supported branches, led by CVE-2026-31790, a Moderate-severity flaw in RSA KEM RSASVE encapsulation that can leak stale or uninitialized memory to a malicious peer. The issue can be triggered when applications process attacker-supplied invalid RSA public keys without validating them first. The advisory also disclosed six Low-severity bugs: an AVX-512/VAES-specific out-of-bounds read in AES-CFB-128, a potential use-after-free or double-free in DANE client code, two CMS-related NULL pointer dereferences, a delta CRL NULL dereference, and a heap buffer overflow in hexadecimal conversion on 32-bit platforms.
The project advised users to upgrade to fixed releases 3.0.20, 3.3.7, 3.4.5, 3.5.6, and 3.6.2, with premium-support fixes available for 1.1.1zg and 1.0.2zp where applicable. OpenSSL said branches 3.1 and 3.2 are out of support and were not analyzed, leaving organizations running those versions without reviewed fixes in this advisory.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
OpenSSL releases fixed versions for affected branches
OpenSSL recommended upgrading to patched releases 3.0.20, 3.3.7, 3.4.5, 3.5.6, and 3.6.2, with premium-support fixes also listed for 1.1.1zg and 1.0.2zp where applicable. The advisory also stated that OpenSSL 3.1 and 3.2 were out of support and not analyzed.
OpenSSL publishes advisory for seven vulnerabilities
On 2026-04-07, OpenSSL disclosed seven vulnerabilities across multiple supported branches. The advisory rated CVE-2026-31790 as Moderate severity and six additional flaws as Low severity, including issues in AES-CFB128, DANE client code, CMS handling, delta CRL processing, and hexadecimal conversion on 32-bit platforms.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
OpenSSL Releases Patch Multiple CVEs Across Supported Branches
The OpenSSL Project released updated versions across multiple supported branches to fix a set of security flaws in the SSL/TLS toolkit, with **OpenSSL 3.6.2** carrying the broadest set of patches. The updates address issues including incorrect failure handling in RSA KEM `RSASVE` encapsulation, an out-of-bounds read in `AES-CFB-128` on x86-64 systems with `AVX-512` support, a potential use-after-free in DANE client code, several `NULL` pointer dereference bugs, and a heap buffer overflow in hexadecimal conversion. OpenSSL said the most severe issue in the release was rated **Moderate**. Additional releases — **3.5.6, 3.4.5, 3.3.7, 3.0.20, 1.1.1zg, and 1.0.2zp** — also shipped with security fixes and minor bug corrections, though older branches received smaller subsets of the patches. The 3.6.2 release also repaired two regressions introduced in 3.6.0 affecting `X509_V_FLAG_CRL_CHECK_ALL` behavior and stapled OCSP response handling that could trigger handshake failures. Administrators running **OpenSSL 3.6.x** on x86-64 systems with `AVX-512` enabled were specifically urged to prioritize the `AES-CFB-128` fix because of memory-read exposure.
May 7, 2026
OpenSSL fixes high-severity PKCS#7 use-after-free and broad library flaws
OpenSSL disclosed a broad set of vulnerabilities affecting ASN.1 parsing, PKCS#12, CMS/PKCS#7, QUIC, OCSP, CMP/CRMF, DH key validation, AEAD cipher handling, and certificate and email validation across the 4.0, 3.6, 3.5, 3.4, and 3.0 branches. The most severe issue, **CVE-2026-45447**, is a high-severity heap use-after-free in `PKCS7_verify()` that can be triggered by specially crafted PKCS#7 or S/MIME signed messages and could lead to crashes, heap corruption, or potentially remote code execution. The advisory also details moderate-severity flaws that could enable forged CMS `AuthEnvelopedData` messages, denial-of-service conditions in QUIC and OCSP processing, a TLS client double-free via OCSP stapling, a QUIC server `NULL` dereference, and cryptographic failures in AES-OCB when applications use the `EVP_Cipher()` one-shot API, alongside numerous lower-severity parsing, validation, and bounds-checking bugs. OpenSSL said most issues were fixed in **4.0.1**, **3.6.3**, **3.5.7**, **3.4.6**, and **3.0.21**, with **1.1.1zh** and **1.0.2zq** issued for supported legacy customers; most flaws were reported as outside the OpenSSL FIPS module boundary, except **CVE-2026-42770**, which affects FIPS modules in multiple supported branches.
Jun 10, 2026
OpenSSL January Security Update Fixes CMS and PKCS#12 Stack Overflows With RCE Risk
**OpenSSL released a security update on January 27, 2026**, addressing **12 vulnerabilities** across supported branches, including **one High-severity issue with potential remote code execution (RCE)**, one Moderate, and multiple Low-severity flaws. The most serious vulnerability, **CVE-2025-15467 (High)**, is a **pre-authentication stack buffer overflow** in **CMS `AuthEnvelopedData` parsing** when using AEAD ciphers (e.g., **AES-GCM**); a crafted CMS message with an **oversized IV in ASN.1 parameters** can trigger a crash and may enable code execution in applications that parse **untrusted CMS/PKCS#7 content** (notably **S/MIME** workflows). Both sources emphasize that while **DoS is the most likely outcome in many environments**, the presence of a stack write primitive makes the issue operationally significant where untrusted CMS is processed. A second notable issue, **CVE-2025-11187 (Moderate)**, involves a **stack overflow during PKCS#12 MAC verification** (PBMAC1/PBKDF2-related validation), where attacker-controlled parameters (e.g., key length) can lead to crashes and potentially more severe impact when processing **untrusted PKCS#12 files** (e.g., certificate import/export, PKI/CA tooling). Affected versions called out include **OpenSSL 3.x** (with additional low-severity issues spanning older branches such as **1.0.2 and 1.1.1**), and patched releases include **3.6.1, 3.5.5, 3.4.4, 3.3.6, and 3.0.19** (with corresponding fixes for older maintained lines). Datadog notes **OpenSSL 3.x FIPS modules are not affected** by the highlighted CMS and PKCS#12 overflow issues, and both sources point to higher risk in services that ingest these formats from external or user-supplied inputs (e.g., S/MIME gateways, certificate management services).
Mar 21, 2026