openssl

280 tracked vulnerabilities.

CVE-2026-31790 HIGH
Incorrect Failure Handling in RSA KEM RSASVE Encapsulation
Apr 07, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-31789 CRITICAL
Heap Buffer Overflow in Hexadecimal Conversion
Apr 07, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-28390 HIGH
Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo
Apr 07, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-28389 HIGH
Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo
Apr 07, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-28388 HIGH
NULL Pointer Dereference When Processing a Delta CRL
Apr 07, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-28387 HIGH
Potential Use-after-free in DANE Client Code
Apr 07, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-28386 HIGH
OpenSSL 3.6.0-3.6.1 - Denial of Service via AES-CFB128 Partial Block Processing
Apr 07, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-2673 MEDIUM
OpenSSL TLS 1.3 server may choose unexpected key agreement group
Mar 13, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-22796 MEDIUM
OpenSSL < 1.0.2zn - Improper Condition Check
Jan 27, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-22795 MEDIUM
OpenSSL 1.1.1-1.1.1zd, 3.0.0-3.0.18, 3.3.0-3.3.5, 3.4.0-3.4.3, 3.5.0-3.5.4, 3.6.0 - DoS via PKCS#12 Parsing
Jan 27, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-69421 HIGH
OpenSSL 1.0.2-1.0.2z, 1.1.1-1.1.1zd, 3.0.0-3.0.18, 3.3.0-3.3.5, 3.4.0-3.4.3, 3.5.0-3.5.4, 3.6.0 - DoS via PKCS#12
Jan 27, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-69420 HIGH
OpenSSL 1.1.1-1.1.1zd, 3.0.0-3.0.18, 3.3.0-3.3.5, 3.4.0-3.4.3, 3.5.0-3.5.4, 3.6.0 - DoS via Malformed TSR
Jan 27, 2026
CVSS 7.5
EPSS 0.01
CVE-2025-69419 HIGH
OpenSSL 1.1.1-1.1.1zd, 3.0.0-3.0.18, 3.3.0-3.3.5, 3.4.0-3.4.3, 3.5.0-3.5.4, 3.6.0 - Out-of-bounds Write
Jan 27, 2026
CVSS 7.4
EPSS 0.00
CVE-2025-69418 MEDIUM
OpenSSL 1.1.1-1.1.1zd, 3.0.0-3.0.18, 3.3.0-3.3.5, 3.4.0-3.4.3, 3.5.0-3.5.4, 3.6.0 - OCB API Missing Cryptographic Step
Jan 27, 2026
CVSS 4.0
EPSS 0.00
CVE-2025-68160 MEDIUM
OpenSSL < 1.0.2zn - Out-of-Bounds Write
Jan 27, 2026
CVSS 4.7
EPSS 0.00
CVE-2025-66199 MEDIUM
OpenSSL 3.3.0-3.3.6 - Denial of Service via TLS 1.3 Certificate Compression
Jan 27, 2026
CVSS 5.9
EPSS 0.00
CVE-2025-15469 MEDIUM
OpenSSL 3.5.0-3.5.4 - Improper Verification of Cryptographic Signature via One-Shot Signing Algorithms
Jan 27, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-15468 MEDIUM
OpenSSL 3.3.0-3.3.6 - Denial of Service via NULL Pointer Dereference in SSL_CIPHER_find()
Jan 27, 2026
CVSS 5.9
EPSS 0.00
CVE-2025-15467 HIGH
OpenSSL 3.0.0-3.0.18, 3.3.0-3.3.5, 3.4.0-3.4.3, 3.5.0-3.5.4, 3.6.0 - Stack-based Buffer Overflow via CMS AEAD IV Parsing
Jan 27, 2026
CVSS 8.8
EPSS 0.03
CVE-2025-11187 MEDIUM
OpenSSL 3.4.0-3.4.3, 3.5.0-3.5.4, 3.6.0 - Stack-based Buffer Overflow in PKCS#12 PBMAC1 MAC Verification
Jan 27, 2026
CVSS 6.1
EPSS 0.00
CVE-2025-9232 MEDIUM
OpenSSL 3.0.16-3.0.17, 3.2.4-3.2.5, 3.3.3-3.3.4, 3.4.0-3.4.2, 3.5.0-3.5.3 - DoS via HTTP Client API no_proxy
Sep 30, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-9231 MEDIUM
OpenSSL 3.2.0-3.2.5, 3.3.0-3.3.4, 3.4.0-3.4.2, 3.5.0-3.5.3 - SM2 Timing Side-Channel on 64-bit ARM
Sep 30, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-9230 HIGH
CMS Decryptor <unknown - Memory Corruption
Sep 30, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-4575 MEDIUM
OpenSSL 3.5 - Improper Certificate Validation via -addreject Option
May 22, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-12797 MEDIUM
TLS/DTLS - Man-in-the-Middle
Feb 11, 2025
CVSS 6.3
EPSS 0.01