OpenSSL Releases Patch Multiple CVEs Across Supported Branches
The OpenSSL Project released updated versions across multiple supported branches to fix a set of security flaws in the SSL/TLS toolkit, with OpenSSL 3.6.2 carrying the broadest set of patches. The updates address issues including incorrect failure handling in RSA KEM RSASVE encapsulation, an out-of-bounds read in AES-CFB-128 on x86-64 systems with AVX-512 support, a potential use-after-free in DANE client code, several NULL pointer dereference bugs, and a heap buffer overflow in hexadecimal conversion. OpenSSL said the most severe issue in the release was rated Moderate.
Additional releases — 3.5.6, 3.4.5, 3.3.7, 3.0.20, 1.1.1zg, and 1.0.2zp — also shipped with security fixes and minor bug corrections, though older branches received smaller subsets of the patches. The 3.6.2 release also repaired two regressions introduced in 3.6.0 affecting X509_V_FLAG_CRL_CHECK_ALL behavior and stapled OCSP response handling that could trigger handshake failures. Administrators running OpenSSL 3.6.x on x86-64 systems with AVX-512 enabled were specifically urged to prioritize the AES-CFB-128 fix because of memory-read exposure.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
OpenSSL 3.6.2 patches multiple CVEs and 3.6.0 regressions
The 3.6.2 release fixed the broadest set of issues, including flaws in RSA KEM RSASVE failure handling, an AVX-512-related AES-CFB-128 out-of-bounds read, a DANE client use-after-free, several NULL dereferences, and a heap buffer overflow in hexadecimal conversion. It also repaired two regressions introduced in OpenSSL 3.6.0 affecting CRL checking behavior and stapled OCSP response handling.
OpenSSL releases 3.6.2 and other supported branch updates
On April 7, 2026, the OpenSSL Project released OpenSSL 3.6.2, 3.5.6, 3.4.5, 3.3.7, 3.0.20, 1.1.1zg, and 1.0.2zp to address multiple security vulnerabilities and minor bugs across supported branches.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
4 references tracked. Mallory keeps watching after this page renders.
Openssl vulnerabilities in node22 releases · Issue #63166 · nodejs/node
github.com
Open sourceOpenSSL 3.6.2 lands with eight CVE fixes - Help Net Security
helpnetsecurity.com
Open sourceOpenSSL Release Announcement for 3.6.2, 3.5.6, 3.4.5, 3.3.7, 3.0.20, 1.1.1zg and 1.0.2zp | OpenSSL Library
openssl-library.org
Open sourcedeps: bundled OpenSSL 3.5.5 in v24.x has multiple CVEs, fixed in OpenSSL 3.5.6 · Issue #63122 · nodejs/node
github.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
OpenSSL fixes seven flaws including RSA KEM memory disclosure bug
OpenSSL released fixes for seven vulnerabilities across multiple supported branches, led by **CVE-2026-31790**, a Moderate-severity flaw in RSA KEM `RSASVE` encapsulation that can leak stale or uninitialized memory to a malicious peer. The issue can be triggered when applications process attacker-supplied invalid RSA public keys without validating them first. The advisory also disclosed six Low-severity bugs: an AVX-512/VAES-specific out-of-bounds read in AES-CFB-128, a potential use-after-free or double-free in DANE client code, two CMS-related NULL pointer dereferences, a delta CRL NULL dereference, and a heap buffer overflow in hexadecimal conversion on 32-bit platforms. The project advised users to upgrade to fixed releases **3.0.20**, **3.3.7**, **3.4.5**, **3.5.6**, and **3.6.2**, with premium-support fixes available for **1.1.1zg** and **1.0.2zp** where applicable. OpenSSL said branches **3.1** and **3.2** are out of support and were not analyzed, leaving organizations running those versions without reviewed fixes in this advisory.
May 25, 2026
OpenSSL fixes high-severity PKCS#7 use-after-free and broad library flaws
OpenSSL disclosed a broad set of vulnerabilities affecting ASN.1 parsing, PKCS#12, CMS/PKCS#7, QUIC, OCSP, CMP/CRMF, DH key validation, AEAD cipher handling, and certificate and email validation across the 4.0, 3.6, 3.5, 3.4, and 3.0 branches. The most severe issue, **CVE-2026-45447**, is a high-severity heap use-after-free in `PKCS7_verify()` that can be triggered by specially crafted PKCS#7 or S/MIME signed messages and could lead to crashes, heap corruption, or potentially remote code execution. The advisory also details moderate-severity flaws that could enable forged CMS `AuthEnvelopedData` messages, denial-of-service conditions in QUIC and OCSP processing, a TLS client double-free via OCSP stapling, a QUIC server `NULL` dereference, and cryptographic failures in AES-OCB when applications use the `EVP_Cipher()` one-shot API, alongside numerous lower-severity parsing, validation, and bounds-checking bugs. OpenSSL said most issues were fixed in **4.0.1**, **3.6.3**, **3.5.7**, **3.4.6**, and **3.0.21**, with **1.1.1zh** and **1.0.2zq** issued for supported legacy customers; most flaws were reported as outside the OpenSSL FIPS module boundary, except **CVE-2026-42770**, which affects FIPS modules in multiple supported branches.
Jun 10, 2026
OpenSSL January Security Update Fixes CMS and PKCS#12 Stack Overflows With RCE Risk
**OpenSSL released a security update on January 27, 2026**, addressing **12 vulnerabilities** across supported branches, including **one High-severity issue with potential remote code execution (RCE)**, one Moderate, and multiple Low-severity flaws. The most serious vulnerability, **CVE-2025-15467 (High)**, is a **pre-authentication stack buffer overflow** in **CMS `AuthEnvelopedData` parsing** when using AEAD ciphers (e.g., **AES-GCM**); a crafted CMS message with an **oversized IV in ASN.1 parameters** can trigger a crash and may enable code execution in applications that parse **untrusted CMS/PKCS#7 content** (notably **S/MIME** workflows). Both sources emphasize that while **DoS is the most likely outcome in many environments**, the presence of a stack write primitive makes the issue operationally significant where untrusted CMS is processed. A second notable issue, **CVE-2025-11187 (Moderate)**, involves a **stack overflow during PKCS#12 MAC verification** (PBMAC1/PBKDF2-related validation), where attacker-controlled parameters (e.g., key length) can lead to crashes and potentially more severe impact when processing **untrusted PKCS#12 files** (e.g., certificate import/export, PKI/CA tooling). Affected versions called out include **OpenSSL 3.x** (with additional low-severity issues spanning older branches such as **1.0.2 and 1.1.1**), and patched releases include **3.6.1, 3.5.5, 3.4.4, 3.3.6, and 3.0.19** (with corresponding fixes for older maintained lines). Datadog notes **OpenSSL 3.x FIPS modules are not affected** by the highlighted CMS and PKCS#12 overflow issues, and both sources point to higher risk in services that ingest these formats from external or user-supplied inputs (e.g., S/MIME gateways, certificate management services).
Mar 21, 2026