What is the CVSS score of CVE-2026-34182?

CVE-2026-34182 has a contested CVSS base score of 9.1 from a third party (e.g. CISA-ADP), while the vendor rates it Critical. vuln.today uses the vendor rating as authoritative.

Which versions of OpenSSL are affected by CVE-2026-34182?

Pre-NVD disclosure via GitHub release 'OpenSSL 4.0.1' (openssl/openssl). OpenSSL 4.0.1 is a security patch release.. A patch is available.

Is there a patch available for CVE-2026-34182?

Yes, a patch is available for CVE-2026-34182. Update the affected software to the latest version immediately.

OpenSSL CVE-2026-34182

EUVD-2026-35478 CRITICAL

Improper Validation of Integrity Check Value (CWE-354)

2026-06-09

GHSA-f9v2-4w9p-2cwc

OpenSSL Information Disclosure Red Hat Suse

Critical

Disputed · 9.1 Vendor

Severity by source

Sources disagree (Medium–Critical)

Vendor (CNA) PRIMARY

9.1 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

SUSE

5.9 MEDIUM

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Red Hat

7.4 MEDIUM

qualitative

vuln.today treats the vendor’s rating as authoritative. A higher third-party CVSS (e.g. CISA-ADP) is shown for transparency but does not drive the headline severity.

CVSS VectorVendor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

CVE Published

Jun 09, 2026 - 11:43 nvd

UNKNOWN (no severity yet)

Description PRE-NVD

Disclosed via GitHub release of openssl/openssl. NVD scoring and full description are pending.

Analysis Pending

This CVE was just disclosed and hasn’t been processed by NVD yet. Full analysis – including CVSS score, severity rating, and remediation guidance – will appear here once NVD publishes it.

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-49440 HIGH This Week

7.4 Jun 16

Cryptographic primality validation in Deno's Node.js compatibility layer (versions <= 2.8.0) silently skips Miller-Rabin

CVE-2026-48491 HIGH This Week

Jun 16

mTLS bypass in Traefik 3.7.0-3.7.1 lets unauthenticated remote clients reach backends protected by wildcard-router TLSOp

CVE-2026-53622 HIGH This Week

Jun 16

Authentication bypass in Traefik v3.6.17, v3.7.0, and v3.7.1 allows unauthenticated remote attackers to bypass router-sp

Vendor StatusVendor

SUSE

Severity: Moderate

Product	Status
Container suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.189 Container suse/sl-micro/6.0/kvm-os-container:2.1.3-6.170 Container suse/sl-micro/6.0/rt-os-container:2.1.3-7.185 Container suse/sl-micro/6.0/toolbox:13.2-9.122	Affected
Container suse/sl-micro/6.0/base-os-container:2.1.3-7.155 Image SL-Micro Image SLE-Micro Image SLE-Micro-Azure Image SLE-Micro-BYOS Image SLE-Micro-BYOS-Azure Image SLE-Micro-BYOS-EC2 Image SLE-Micro-BYOS-GCE Image SLE-Micro-EC2 Image SLE-Micro-GCE	Affected
Container suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.121 Container suse/sl-micro/6.1/kvm-os-container:2.2.1-5.141 Container suse/sl-micro/6.1/rt-os-container:2.2.1-5.135	Affected
Container suse/sl-micro/6.1/base-os-container:2.2.1-5.141 Image SL-Micro-Base Image SL-Micro-Base-RT Image SL-Micro-Base-RT-SelfInstall Image SL-Micro-Base-RT-encrypted Image SL-Micro-Base-SelfInstall Image SL-Micro-Base-encrypted Image SL-Micro-Base-qcow Image SL-Micro-Default Image SL-Micro-Default-SelfInstall Image SL-Micro-Default-encrypted Image SL-Micro-Default-qcow	Affected
SUSE Liberty Linux 10	Fixed

CVE-2026-34182 vulnerability details – vuln.today

Back

SUSE Liberty Linux 9	Fixed
SUSE Linux Enterprise Server 15 SP6-LTSS	Fixed
SUSE Linux Enterprise Server for SAP Applications 15 SP6	Fixed
SUSE Linux Micro 6.0	Fixed
openSUSE Tumbleweed	Fixed
SLES15-SP5-CHOST-BYOS-SAP-CCloud	Not-Affected
SLES15-SP5-CHOST-BYOS-SAP-CCloud	Not-Affected
SLES15-SP6-CHOST-BYOS	Not-Affected
SLES15-SP6-CHOST-BYOS	Affected
SLES15-SP6-CHOST-BYOS-Aliyun	Not-Affected
SLES15-SP6-CHOST-BYOS-Aliyun	Affected
SLES15-SP6-CHOST-BYOS-Azure	Not-Affected
SLES15-SP6-CHOST-BYOS-Azure	Affected
SLES15-SP6-CHOST-BYOS-EC2	Not-Affected
SLES15-SP6-CHOST-BYOS-EC2	Affected
SLES15-SP6-CHOST-BYOS-GCE	Not-Affected
SLES15-SP6-CHOST-BYOS-GCE	Affected
SLES15-SP6-CHOST-BYOS-GDC	Not-Affected
SLES15-SP6-CHOST-BYOS-GDC	Affected
SLES15-SP6-CHOST-BYOS-SAP-CCloud	Not-Affected
SLES15-SP6-CHOST-BYOS-SAP-CCloud	Affected
SLES15-SP7-CHOST-BYOS-Aliyun	Not-Affected
SLES15-SP7-CHOST-BYOS-Aliyun	Affected
SLES15-SP7-CHOST-BYOS-Azure	Not-Affected
SLES15-SP7-CHOST-BYOS-Azure	Affected
SLES15-SP7-CHOST-BYOS-EC2	Not-Affected
SLES15-SP7-CHOST-BYOS-EC2	Affected
SLES15-SP7-CHOST-BYOS-GCE	Not-Affected
SLES15-SP7-CHOST-BYOS-GCE	Affected
SLES15-SP7-CHOST-BYOS-GDC	Not-Affected
SLES15-SP7-CHOST-BYOS-GDC	Affected
SLES15-SP7-CHOST-BYOS-SAP-CCloud	Not-Affected
SLES15-SP7-CHOST-BYOS-SAP-CCloud	Affected
SUSE Linux Enterprise Desktop 15 SP7	Not-Affected
SUSE Linux Enterprise Desktop 15 SP7	Not-Affected
SUSE Linux Enterprise Desktop 15 SP7	Affected
SUSE Linux Enterprise High Performance Computing 12	Not-Affected
SUSE Linux Enterprise High Performance Computing 15 SP7	Not-Affected
SUSE Linux Enterprise High Performance Computing 15 SP7	Not-Affected
SUSE Linux Enterprise High Performance Computing 15 SP7	Not-Affected

OpenSSL CVE-2026-34182

Severity by source

CVSS VectorVendor

Lifecycle Timeline

Description PRE-NVD

Analysis Pending

More from same product – last 7 days

Vendor StatusVendor

SUSE

Share

External POC / Exploit Code