
OpenSSL EUVD-2026-35482 | CVE-2026-42765 HIGH
NULL Pointer Dereference (CWE-476)
CVSS 3.1 (Vendor): 7.5

Severity by source

Source         Score  Severity  Vector
Vendor (CNA)   7.5    HIGH      AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H   (primary)
SUSE           6.5    MEDIUM    AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Primary rating from Vendor (CNA). The SUSE score is lower only because it sets Privileges Required to Low (PR:L) where the vendor sets None (PR:N); the impact components are identical.

CVSS Vector (Vendor)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline

Jun 09, 2026 - 21:27  vuln.today  Source Code Evidence Fetched
Jun 09, 2026 - 21:27  vuln.today  Analysis Generated
Jun 09, 2026 - 21:22  NVD         CVSS changed: 7.5 (HIGH)
Jun 09, 2026 - 11:43  nvd         CVE Published: HIGH 7.5
Jun 09, 2026 - 11:43  nvd         CVE Published: UNKNOWN (no severity yet)

Description (PRE-NVD)

Disclosed via GitHub release of openssl/openssl. NVD scoring and full description are pending.

Analysis (AI)

A NULL pointer dereference in OpenSSL 3.6.0 through 3.6.2 and 4.0.0 lets a remote attacker crash an application during X.509 certificate verification when OCSP checking is enabled. The vendor's security advisory of 2026-06-09 fixes it in OpenSSL 3.6.3 and 4.0.1. No public exploit was identified at time of analysis, and the issue is not listed in CISA KEV.


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata:

  • Access: identify a TLS service using vulnerable OpenSSL with OCSP checking enabled
  • Delivery: initiate a TLS handshake or submit a crafted certificate
  • Exploit: trigger the NULL pointer dereference in the verification path
  • Execution: crash the OpenSSL-linked process
  • Impact: repeat to sustain denial of service

Vulnerability Assessment (AI)

Exploitation: The target application must be linked against OpenSSL 3.6.0-3.6.2 or 4.0.0 AND must invoke X.509 certificate verification with OCSP checking enabled (for example, X509_V_FLAG_OCSP_CHECK or the equivalent OCSP-stapling/revocation paths in the calling code). Builds on other release branches are outside the affected range, and an application that never enables OCSP checking does not reach the faulting path. …

Risk Assessment: The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H scores 7.5 and indicates network-reachable, low-complexity, unauthenticated exploitation with availability-only impact (no confidentiality or integrity loss), consistent with a crash-style DoS rather than RCE or data exposure. …

Exploit Scenario: An attacker presents a crafted X.509 certificate (or an attacker-controlled OCSP responder serves a crafted response) to a vulnerable OpenSSL-based TLS endpoint that has OCSP revocation checking enabled; during verification, OpenSSL dereferences a NULL pointer and the process aborts. Repeating the request reliably crashes the service, producing sustained denial of service against TLS terminators, mTLS-authenticating APIs, S/MIME mail gateways, or code-signing verifiers. No public exploit was identified at time of analysis.

Remediation: Vendor-released patch: upgrade to OpenSSL 4.0.1 on the 4.0.x branch or OpenSSL 3.6.3 on the 3.6.x branch, as published at https://github.com/openssl/openssl/releases/tag/openssl-4.0.1 and https://openssl-library.org/news/secadv/20260609.txt. The same release fixes fourteen other CVEs, including a heap use-after-free in PKCS7_verify() (CVE-2026-45447), so the upgrade is independently justified. After upgrading, confirm what each affected process actually loads rather than trusting the package version alone: a statically linked or vendored copy of libcrypto is not replaced by updating the system OpenSSL package, and long-running processes keep the old library mapped until they are restarted. …

Recommended Action (AI)

Within 24 hours: Inventory all systems running OpenSSL 3.6.0-3.6.2 or 4.0.0, particularly application servers and load balancers. …
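The exploitation condition above (the process must be linked against OpenSSL 3.6.0-3.6.2 or 4.0.0) and this inventory step both come down to classifying version strings correctly. The following Python is an added example, not code from vuln.today or the OpenSSL project. It parses "openssl version" output, preferring the "(Library: ...)" value when the CLI and the linked library differ, maps each string to a verdict using only the affected and fixed versions stated on this page, treats pre-release tags on an affected branch as unknown rather than guessing, and reports what the running Python interpreter itself is linked against via ssl.OPENSSL_VERSION. The host names, version lines and dates in SAMPLE_INVENTORY are constructed.

```python
"""Classify OpenSSL version strings against the CVE-2026-42765 affected range.

Added example, not code from vuln.today or the OpenSSL project. The affected
range (3.6.0-3.6.2, 4.0.0) and fixed versions (3.6.3, 4.0.1) are taken from the
advisory summary on this page; every sample inventory line is constructed.
"""
import re
import ssl

# Inclusive affected ranges and the first fixed release per branch, as
# (major, minor, patch). Branches not listed here are outside the range.
AFFECTED = [((3, 6, 0), (3, 6, 2)), ((4, 0, 0), (4, 0, 0))]
FIXED = {(3, 6): (3, 6, 3), (4, 0): (4, 0, 1)}

# Matches "3.6.1", "1.1.1w" and pre-release tags such as "4.0.1-dev".
_VER = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)([a-z]*)(-[A-Za-z0-9.]+)?")


def parse_version(text):
    """Return ((major, minor, patch), is_prerelease) or None if unparseable.

    `openssl version` prints the CLI's own version first and, when it differs,
    the linked library as "(Library: OpenSSL x.y.z ...)". The library is what
    the calling process actually runs, so that value wins when present.
    """
    lib = text.find("Library:")
    if lib != -1:
        text = text[lib:]
    m = _VER.search(text)
    if m is None:
        return None
    ver = (int(m.group(1)), int(m.group(2)), int(m.group(3)))
    return ver, bool(m.group(5))


def classify(text):
    """Map a version string to 'affected', 'fixed', 'unaffected' or 'unknown'."""
    parsed = parse_version(text)
    if parsed is None:
        return "unknown"
    ver, prerelease = parsed
    if ver[:2] not in FIXED:
        return "unaffected"  # 1.1.1x, 3.0.x ... 3.5.x: not in the advisory range
    if prerelease:
        return "unknown"     # a -dev/-alpha build may or may not carry the fix
    if any(lo <= ver <= hi for lo, hi in AFFECTED):
        return "affected"
    return "fixed"           # every other release on 3.6.x / 4.0.x is >= the fix


def triage(lines):
    """Group "host: <openssl version output>" inventory lines by verdict."""
    out = {"affected": [], "fixed": [], "unaffected": [], "unknown": []}
    for line in lines:
        host, _, ver = line.partition(": ")
        out[classify(ver)].append(host)
    return out


def running_interpreter():
    """Verdict for the OpenSSL this Python process itself is linked against."""
    return classify(ssl.OPENSSL_VERSION)


SAMPLE_INVENTORY = [  # constructed hosts, version strings and dates
    "lb-1: OpenSSL 3.6.1 1 Jan 2026",
    "api-2: OpenSSL 4.0.0 1 Jan 2026 (Library: OpenSSL 4.0.1 9 Jun 2026)",
    "mail-3: OpenSSL 3.6.2 1 Jan 2026 (Library: OpenSSL 3.6.0 1 Jan 2026)",
    "legacy-4: OpenSSL 1.1.1w 11 Sep 2023",
    "build-5: OpenSSL 4.0.1-dev",
    "broken-6: openssl: command not found",
]

if __name__ == "__main__":
    for verdict, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{verdict:10s} {', '.join(hosts) or '-'}")
    print("this interpreter:", running_interpreter())
```

Feed it the captured output of "openssl version" from each host, and separately the version reported by each application runtime (Python's ssl.OPENSSL_VERSION, the equivalent in Node, Go's vendored crypto is not affected because it does not use OpenSSL); the api-2 and mail-3 lines show why the library value, not the CLI value, decides the verdict.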


Vendor Status (Vendor)

SUSE
Severity: Medium
Product status:
  • SLES15-SP5-CHOST-BYOS-SAP-CCloud: Fixed
  • SLES15-SP6-CHOST-BYOS: Fixed
  • SLES15-SP6-CHOST-BYOS-Aliyun: Fixed
