Search CVE reports


Toggle filters

1 – 10 of 334 results


CVE-2026-58102

Medium priority
Needs evaluation

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts. When building the extension hash (via extensions(), extensions_by_long_name(),...

1 affected package

libcrypt-openssl-x509-perl

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libcrypt-openssl-x509-perl Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-58101

Medium priority
Needs evaluation

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3_EXT_d2i(ext) returns NULL when an extension's DER value fails to parse. basicC, ia5string, and auth_att dereference...

1 affected package

libcrypt-openssl-x509-perl

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libcrypt-openssl-x509-perl Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-9265

Medium priority
Needs evaluation

Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in print_attribute UTF8STRING path. print_attribute() copies a UTF8STRING ASN.1 attribute value into a heap buffer sized exactly to its declared length...

1 affected package

libcrypt-openssl-pkcs12-perl

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libcrypt-openssl-pkcs12-perl Needs evaluation Needs evaluation Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2026-9076

Low priority

Some fixes available 9 of 17

Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key(). Impact...

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
edk2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
nodejs Not affected Not affected Vulnerable Not affected Needs evaluation
openssl Fixed Fixed Fixed Fixed Fixed
openssl-fips Not in release Not in release Not in release
openssl1.0 Not in release Not in release Not in release Fixed
Show less packages

CVE-2026-7383

Low priority

Some fixes available 9 of 17

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or...

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
edk2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
nodejs Not affected Not affected Vulnerable Not affected Needs evaluation
openssl Fixed Fixed Fixed Fixed Fixed
openssl-fips Not in release Not in release Not in release
openssl1.0 Not in release Not in release Not in release Fixed
Show less packages

CVE-2026-45447

High priority

Some fixes available 9 of 17

Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or...

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
edk2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
nodejs Not affected Not affected Vulnerable Not affected Needs evaluation
openssl Fixed Fixed Fixed Fixed Fixed
openssl-fips Not in release Not in release Not in release
openssl1.0 Not in release Not in release Not in release Fixed
Show less packages

CVE-2026-45446

Low priority

Some fixes available 4 of 8

Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of such messages. Impact summary:...

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
edk2 Needs evaluation Needs evaluation Not affected Not affected Not affected
nodejs Not affected Not affected Vulnerable Not affected Not affected
openssl Fixed Fixed Fixed Not affected Not affected
openssl-fips Not in release Not in release Not in release
openssl1.0 Not in release Not in release Not in release Not affected
Show less packages

CVE-2026-45445

Medium priority

Some fixes available 4 of 8

Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied initialisation vector (IV) is silently discarded. Impact summary: Every message encrypted...

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
edk2 Needs evaluation Needs evaluation Not affected Not affected Not affected
nodejs Not affected Not affected Vulnerable Not affected Not affected
openssl Fixed Fixed Fixed Not affected Not affected
openssl-fips Not in release Not in release Not in release
openssl1.0 Not in release Not in release Not in release Not affected
Show less packages

CVE-2026-42771

Low priority
Vulnerable

Issue summary: When the X509_VERIFY_PARAM_set1_email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an out of bounds read can happen. Impact summary: This out of bounds...

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
edk2 Not affected Not affected Not affected Not affected Not affected
nodejs Not affected Not affected Vulnerable Not affected Not affected
openssl Not affected Not affected Not affected Not affected Not affected
openssl-fips Not in release Not affected Not affected
openssl1.0 Not in release Not in release Not in release Not affected
Show less packages

CVE-2026-42770

Low priority

Some fixes available 4 of 8

Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying...

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
edk2 Needs evaluation Needs evaluation Not affected Not affected Not affected
nodejs Not affected Not affected Vulnerable Not affected Not affected
openssl Fixed Fixed Fixed Not affected Not affected
openssl-fips Not in release Not in release Not in release
openssl1.0 Not in release Not in release Not in release Not affected
Show less packages