
OpenSSL CVE-2026-42770

EUVD-2026-35487 · LOW
Missing Cryptographic Step (CWE-325)
3.7
CVSS 3.1 · Vendor

Severity by source

Vendor (CNA) PRIMARY
3.7 LOW
AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Primary rating from Vendor (CNA) · only source for this CVE.

CVSS Vector (Vendor)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: None

Lifecycle Timeline

Source Code Evidence Fetched: Jun 09, 2026 - 21:40 (vuln.today)
Analysis Generated: Jun 09, 2026 - 21:40 (vuln.today)
CVSS changed: Jun 09, 2026 - 21:22 (NVD), 3.7 (LOW)
CVE Published: Jun 09, 2026 - 11:43 (nvd), LOW 3.7
CVE Published: Jun 09, 2026 - 11:43 (nvd), UNKNOWN (no severity yet)

Description PRE-NVD

Disclosed via GitHub release of openssl/openssl. NVD scoring and full description are pending.

Analysis (AI)

FFC-DH peer validation in OpenSSL incorrectly accepts an attacker-supplied q (subgroup order) parameter instead of using the locally trusted value, undermining the cryptographic integrity of Diffie-Hellman key exchange. Affected branches span OpenSSL 3.0.x, 3.4.x, 3.5.x, 3.6.x, and 4.0.0, with patched releases issued across all five branches on 2026-06-09. …
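
The subgroup check described above, as an added toy illustration (not OpenSSL's code and not taken from the advisory): full FFC public-key validation tests 2 <= y <= p-2 and y^q mod p == 1, so its result depends on where q comes from. The group (p=67, q=11, g=64), the sample keys and all function names are constructed for this example.

```python
# Added illustration, not OpenSSL code. Toy FFC group (constructed values):
# p - 1 = 2 * 3 * 11, locally trusted subgroup order q = 11, g = 64 has order 11.
P, Q_TRUSTED, G = 67, 11, 64


def validate_public_key(y: int, p: int, q: int) -> bool:
    """Full FFC public-key validation: range check, then subgroup membership."""
    if not (2 <= y <= p - 2):
        return False
    return pow(y, q, p) == 1


def validate_flawed(y: int, peer_params: dict) -> bool:
    """Models the flaw: the subgroup order is read from the peer's message."""
    return validate_public_key(y, peer_params["p"], peer_params["q"])


def validate_hardened(y: int, peer_params: dict) -> bool:
    """Ignores any peer-supplied q and checks against the local group only."""
    if peer_params.get("p") != P:
        return False  # peer is not using the locally configured group
    return validate_public_key(y, P, Q_TRUSTED)


def demo() -> dict:
    honest_key = pow(G, 5, P)   # 25, a member of the order-11 subgroup
    off_group_key = 37          # constructed: order 3, outside the subgroup
    honest_msg = {"p": P, "q": Q_TRUSTED}
    altered_msg = {"p": P, "q": 3}  # constructed message carrying a different q
    return {
        "honest/hardened": validate_hardened(honest_key, honest_msg),
        "off-group/flawed": validate_flawed(off_group_key, altered_msg),
        "off-group/hardened": validate_hardened(off_group_key, altered_msg),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

The same key is accepted when the check uses the q carried in the message and rejected when it uses the locally configured q, which is the property the patched releases restore.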


Attack Chain (AI, Derived)

Hypothetical attack flow derived from CVE metadata

Access: Attain MITM position or act as malicious DH peer
Delivery: Intercept FFC-DH key exchange handshake
Exploit: Inject attacker-controlled `q` subgroup order value
Execution: OpenSSL validates peer key using attacker-supplied `q`
Persist: Subgroup membership check bypassed
Impact: Extract limited session key material

Vulnerability Assessment (AI)

Exploitation: Exploitation requires the target to be running an affected OpenSSL version (4.0.0, or 3.0.x/3.4.x/3.5.x/3.6.x below their respective patch thresholds) and to be performing FFC-DH key exchange on a code path that invokes OpenSSL's DH peer parameter validation. …

Risk Assessment: The CVSS 3.1 score of 3.7 (Low) with vector AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N accurately characterizes the constrained real-world risk. …

Exploit Scenario: An adversary performing an active man-in-the-middle attack on a TLS session negotiating a DHE cipher suite intercepts the ServerKeyExchange or equivalent FFC-DH parameter message and substitutes a crafted `q` value of their choosing. Because the target OpenSSL peer uses the attacker-supplied `q` instead of the trusted group order during validation, subgroup membership checks are defeated, potentially allowing the attacker to influence key material derivation and extract limited session information. …

Remediation: Upgrade to the patched release corresponding to the installed OpenSSL branch: 4.0.1, 3.6.3, 3.5.7, 3.4.6, or 3.0.21, as detailed in the vendor advisory at https://openssl-library.org/news/secadv/20260609.txt. …
