OpenSSL EUVD-2026-35476 | CVE-2026-34180
Out-of-bounds Read (CWE-125)
Severity: High (Vendor score 7.5; disputed by other sources)
Severity by source (sources disagree: Low to High)

  • Vendor (CNA), primary: 7.5 HIGH, AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • SUSE: 3.7 MEDIUM, AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  • Red Hat: 5.0 LOW (qualitative rating, no vector)

vuln.today treats the vendor’s rating as authoritative. A higher third-party CVSS (e.g. CISA-ADP) is shown for transparency but does not drive the headline severity.

CVSS Vector (Vendor)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: None
  • Availability: High

Lifecycle Timeline

  • Jun 09, 2026 20:23 (vuln.today): Source code evidence fetched
  • Jun 09, 2026 20:23 (vuln.today): Analysis generated
  • Jun 09, 2026 20:22 (NVD): CVSS changed to 7.5 (HIGH)
  • Jun 09, 2026 11:43 (nvd): CVE published, UNKNOWN (no severity yet)
  • Jun 09, 2026 11:43 (nvd): CVE published, HIGH 7.5

Description (pre-NVD)

Disclosed via GitHub release of openssl/openssl. NVD scoring and full description are pending.

Analysis (AI-generated)

Denial-of-service in OpenSSL's ASN.1 content parser allows remote unauthenticated attackers to trigger a heap buffer over-read that can crash applications relying on the library for cryptographic parsing. Disclosed via the OpenSSL 4.0.1 security release on 2026-06-09 alongside more than a dozen other fixes, this issue affects every supported branch from 1.0.2 through 3.6 and 4.0. …

Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

  • Access: Identify service linking vulnerable libcrypto
  • Delivery: Craft malformed ASN.1 structure
  • Exploit: Deliver via TLS/CMS/OCSP channel
  • Execution: Trigger out-of-bounds read in parser
  • Persist: Crash target process
  • Impact: Repeat for sustained denial of service

Vulnerability Assessment (AI-generated)

Exploitation: The target application must invoke OpenSSL ASN.1 content parsing on attacker-supplied data - in practice any code path that decodes X.509 certificates, CMS/PKCS#7 messages, PKCS#12 files, OCSP responses, or CRMF structures via libcrypto. … Additional conditions and limiting factors are described in the full assessment.

Risk Assessment: The CVSS 7.5 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) indicates a network-reachable, low-complexity, unauthenticated availability-only impact - consistent with a parser crash rather than memory disclosure or code execution, despite the 'Information Disclosure' tag included in the input data (an out-of-bounds read can in theory leak adjacent heap bytes, but the CVSS C:N rating from the assigner argues against any practical confidentiality impact). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.

Exploit Scenario: An attacker on the network sends a malformed ASN.1 blob - for example, a crafted X.509 client certificate during a TLS handshake, a signed S/MIME message to a mail gateway, or an OCSP response to a client doing revocation checking - and the OpenSSL ASN.1 parser reads past the end of the heap allocation while decoding content, causing the consuming process to crash. Repeating the request produces a sustained denial of service against the targeted daemon. …

Remediation: Vendor-released patch: upgrade to OpenSSL 4.0.1, 3.6.3, 3.5.7, 3.4.6, 3.0.21, 1.1.1zh, or 1.0.2zq as appropriate for the branch in use, per the OpenSSL release at https://github.com/openssl/openssl/releases/tag/openssl-4.0.1 and the security advisory at https://openssl-library.org/news/secadv/20260609.txt; on Ubuntu apply USN-8414-2 (https://ubuntu.com/security/notices/USN-8414-2) and on other distributions track the equivalent distro security update, then restart all services that link libcrypto so the new library is loaded. … Detailed patch versions, workarounds, and compensating controls in full report.
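As an added example (not code from vuln.today or the OpenSSL project), the following Python script takes `openssl version` output collected from hosts and compares each one against the fixed versions listed in the remediation above, handling the pre-3.0 patch-letter scheme (1.0.2z < 1.0.2za < 1.0.2zq). The hostnames and version lines in the sample inventory are constructed, and a branch the advisory names no fix for is reported as unlisted rather than guessed.

```python
import re

# Fixed versions per branch, exactly as listed in the remediation text above.
FIXED_BY_BRANCH = {
    "4.0": "4.0.1", "3.6": "3.6.3", "3.5": "3.5.7", "3.4": "3.4.6",
    "3.0": "3.0.21", "1.1.1": "1.1.1zh", "1.0.2": "1.0.2zq",
}

_VER_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")

def parse_version(text):
    """Turn '3.0.21', '1.1.1zh' or a full `openssl version` line into a comparable
    tuple; pre-3.0 patch letters sort by length then alphabetically (z < za < zq)."""
    m = _VER_RE.search(text)
    if not m:
        raise ValueError(f"no OpenSSL version found in {text!r}")
    major, minor, patch, letters = m.groups()
    return (int(major), int(minor), int(patch), len(letters), letters)

def branch_of(ver):
    """3.x/4.x branches are MAJOR.MINOR; 1.x branches are MAJOR.MINOR.PATCH."""
    major, minor, patch = ver[:3]
    return f"{major}.{minor}" if major >= 3 else f"{major}.{minor}.{patch}"

def assess(version_text):
    """Return (status, fixed_version): status is 'fixed', 'vulnerable', or
    'unlisted' when the advisory table names no fix for that branch."""
    ver = parse_version(version_text)
    fixed = FIXED_BY_BRANCH.get(branch_of(ver))
    if fixed is None:
        return ("unlisted", None)
    return ("fixed" if ver >= parse_version(fixed) else "vulnerable", fixed)

def report(inventory):
    """Map host -> assess() result for a {host: `openssl version` output} dict."""
    return {host: assess(line) for host, line in inventory.items()}

# Constructed sample inventory: hostnames and version lines are made up.
SAMPLE_INVENTORY = {
    "web-01": "OpenSSL 3.0.13 30 Jan 2024",
    "mail-02": "OpenSSL 1.1.1zh 9 Jun 2026",
    "legacy-03": "OpenSSL 1.0.2zp 1 Mar 2026",
    "edge-04": "OpenSSL 3.2.4 11 Feb 2025",
}

if __name__ == "__main__":
    for host, (status, fixed) in report(SAMPLE_INVENTORY).items():
        print(f"{host:10} {status:10} fix: {fixed or 'not listed in advisory'}")
```

An "unlisted" result (such as the 3.2 host above) means the advisory table gives no fixed version for that branch, so the host needs manual review against the vendor's end-of-life guidance rather than being marked safe.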

Recommended Action (AI-generated)

24 hours: Inventory all OpenSSL deployments (1.0.2-4.0) across production systems; confirm patched versions are available from vendors. …

Vendor Status

SUSE

Severity: Moderate

Product status (all listed products are Affected):

  • Container suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.189
  • Container suse/sl-micro/6.0/kvm-os-container:2.1.3-6.170
  • Container suse/sl-micro/6.0/rt-os-container:2.1.3-7.185
  • Container suse/sl-micro/6.0/toolbox:13.2-9.122
  • Container suse/sl-micro/6.0/base-os-container:2.1.3-7.155
  • Images SL-Micro, SLE-Micro, SLE-Micro-Azure, SLE-Micro-BYOS, SLE-Micro-BYOS-Azure, SLE-Micro-BYOS-EC2, SLE-Micro-BYOS-GCE, SLE-Micro-EC2, SLE-Micro-GCE
  • Container suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.121
  • Container suse/sl-micro/6.1/kvm-os-container:2.2.1-5.141
  • Container suse/sl-micro/6.1/rt-os-container:2.2.1-5.135
  • Container suse/sl-micro/6.1/base-os-container:2.2.1-5.141
  • Images SL-Micro-Base, SL-Micro-Base-RT, SL-Micro-Base-RT-SelfInstall, SL-Micro-Base-RT-encrypted, SL-Micro-Base-SelfInstall, SL-Micro-Base-encrypted, SL-Micro-Base-qcow, SL-Micro-Default, SL-Micro-Default-SelfInstall, SL-Micro-Default-encrypted, SL-Micro-Default-qcow
  • Container suse/sle-micro/5.5/toolbox:latest