Skip to main content

OpenSSL EUVD-2026-35477

| CVE-2026-34181 HIGH
Improper Validation of Integrity Check Value (CWE-354)
2026-06-09 GHSA-4jgc-cj59-f9mm
Information Disclosure OpenSSL Red Hat Suse
High
Disputed · 7.4 Vendor
Share

Severity by source

Sources disagree (Low–High)
Vendor (CNA) PRIMARY
7.4 HIGH
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
SUSE
3.1 MEDIUM
AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Red Hat
6.3 LOW
qualitative

vuln.today treats the vendor’s rating as authoritative. A higher third-party CVSS (e.g. CISA-ADP) is shown for transparency but does not drive the headline severity.

CVSS VectorVendor

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

5
Source Code Evidence Fetched
Jun 10, 2026 - 17:22 vuln.today
Analysis Generated
Jun 10, 2026 - 17:22 vuln.today
CVSS changed
Jun 10, 2026 - 17:22 NVD
7.4 (HIGH)
CVE Published
Jun 09, 2026 - 11:43 nvd
UNKNOWN (no severity yet)
CVE Published
Jun 09, 2026 - 11:43 nvd
HIGH 7.4

Description PRE-NVD

Disclosed via GitHub release of openssl/openssl. NVD scoring and full description are pending.

AnalysisAI

Integrity-check bypass in OpenSSL 3.4.x, 3.5.x, 3.6.x, and 4.0.0 allows PKCS#12 files protected with PBMAC1 to be accepted even when secured by dangerously short HMAC keys, undermining the authentication of the keystore contents. Vendor patches are available in 3.4.6, 3.5.7, 3.6.3, and 4.0.1, and no public exploit identified at time of analysis; EPSS is 0.00% and the issue is not on the CISA KEV list.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify target accepting PKCS#12 uploads
Delivery
Craft .p12 with PBMAC1 short HMAC key
Exploit
Forge bag contents with matching MAC
Execution
Deliver file to import workflow
Persist
OpenSSL accepts forged PKCS#12 as authentic
Impact
Substituted key/cert trusted by application
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Exploitation requires the target application to parse a PKCS#12 (.p12/.pfx) file supplied by the attacker using a vulnerable OpenSSL 3.4.0-3.4.5, 3.5.0-3.5.6, 3.6.0-3.6.2, or 4.0.0 build, and that file must be authenticated using the PBMAC1 MAC variant (RFC 9579) rather than the legacy PKCS#12 MAC; attacks against PKCS#12 files using the older HMAC-SHA1/SHA256 MAC profile are out of scope. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N yields 7.4 (High) with no privileges and no user interaction, but high attack complexity reflecting the need to craft a PKCS#12 with a degenerate PBMAC1 key and have a victim system import it. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who can submit a PKCS#12 file to a victim system - for example, by uploading a malicious .pfx to a certificate-enrollment portal, an MDM profile loader, or a CI/CD secret store - crafts the archive with a PBMAC1 MAC computed using an extremely short derived HMAC key, then alters the certificate or key bag contents and produces a matching MAC. When the receiving OpenSSL-backed application verifies the file it accepts the forged contents as authentic, letting the attacker substitute trust material or otherwise subvert the integrity guarantee callers expect from a password-MAC'd PKCS#12. …
Remediation Apply the vendor-released patches: upgrade to OpenSSL 4.0.1, 3.6.3, 3.5.7, or 3.4.6, whichever matches your branch, using the upstream advisory at https://openssl-library.org/news/secadv/20260609.txt and the OpenSSL 4.0.1 release notes at https://github.com/openssl/openssl/releases/tag/openssl-4.0.1; on Ubuntu, install the packages described in https://ubuntu.com/security/notices/USN-8414-1, and rebuild or restart long-running services (web servers, message brokers, language runtimes) that have the old libcrypto loaded. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 24 hours: identify all systems running OpenSSL 3.4.x, 3.5.x, 3.6.x, or 4.0.0. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-49440 HIGH
7.4 Jun 16

Cryptographic primality validation in Deno's Node.js compatibility layer (versions <= 2.8.0) silently skips Miller-Rabin
CVE-2026-48491 HIGH
Jun 16

mTLS bypass in Traefik 3.7.0-3.7.1 lets unauthenticated remote clients reach backends protected by wildcard-router TLSOp
CVE-2026-53622 HIGH
Jun 16

Authentication bypass in Traefik v3.6.17, v3.7.0, and v3.7.1 allows unauthenticated remote attackers to bypass router-sp

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Liberty Linux 10 Fixed
SUSE Liberty Linux 9 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Affected
SUSE Linux Enterprise Server 15 SP7 Affected
SUSE Linux Enterprise Desktop 15 SP7 Affected

Share

EUVD-2026-35477 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy