Theo Buehler

1 exploit Active since Apr 2026
CVE-2026-41681 WRITEUP CRITICAL WRITEUP
rust-openssl 0.10.39-0.10.77 - Memory Corruption
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.39 to before 0.10.78, EVP_DigestFinal() always writes EVP_MD_CTX_size(ctx) to the out buffer. If out is smaller than that, MdCtxRef::digest_final() writes past its end, usually corrupting the stack. This is reachable from safe Rust. This vulnerability is fixed in 0.10.78.
CVSS 9.8