OpenSSL has released updates that fix 18 vulnerabilities, including CVE-2026-45447, a high-severity heap use-after-free flaw that could lead to remote code execution. The remaining patches address issues that may enable decryption of traffic, certificate forgery, denial-of-service attacks, integrity bypass, and other harmful outcomes. #OpenSSL #CVE-2026-45447 #PKCS7 #SMIME #Anthropic #ClaudeAI
Keypoints
- OpenSSL patched 18 vulnerabilities in its latest releases.
- CVE-2026-45447 is a high-severity heap use-after-free flaw.
- The bug affects PKCS#7 and S/MIME signature verification.
- Exploitation could cause heap corruption, crashes, or remote code execution.
- Other fixes address decryption, certificate forgery, DoS, and authentication bypass risks.
Read More: https://www.securityweek.com/openssl-patches-high-severity-vulnerability-found-with-ai/