OpenSSL patched 12 vulnerabilities on January 27, 2026, including one high-severity flaw that could lead to remote code execution. Most of the issues enable denial of service rather than code execution, but together they highlight the risk of parsing untrusted data.
The most serious issue, CVE-2025-15467, hits CMS AuthEnvelopedData parsing with AEAD ciphers like AES-GCM. Attackers craft oversized IVs in ASN.1 parameters, causing stack overflows before authentication checks. This leads to crashes or potential remote code execution on apps handling untrusted CMS or PKCS#7 data, such as S/MIME.
Apps parsing remote CMS content face high risk since no key is needed to trigger the overflow. Exploitability depends on platform defenses like ASLR, but the stack write primitive poses severe danger. OpenSSL rated it High severity.
CVE-2025-11187 involves improper PBMAC1 validation in PKCS#12 files, leading to stack overflows or null dereferences in versions 3.6 to 3.4. Malicious files trigger buffer overflows during key derivation if the key length exceeds 64 bytes.
Several low-severity issues like CVE-2025-69419, CVE-2025-69421, and CVE-2026-22795 also hit PKCS#12 handling, causing out-of-bounds writes or null derefs.
| CVE ID | Severity | Brief Impact | Affected Versions | Patched Versions |
|---|---|---|---|---|
| CVE-2025-11187 | Moderate | Stack overflow in PKCS#12 MAC | 3.6, 3.5, 3.4 | 3.6.1, 3.5.5, 3.4.4 |
| CVE-2025-15467 | High | Stack overflow in CMS parsing | 3.6-3.0 | 3.6.1, 3.5.5, 3.4.4, 3.3.6, 3.0.19 |
| CVE-2025-15468 | Low | Null deref in QUIC cipher lookup | 3.6, 3.5, 3.4, 3.3 | 3.6.1, 3.5.5, 3.4.4, 3.3.6 |
| CVE-2025-15469 | Low | dgst tool truncates large inputs | 3.6, 3.5 | 3.6.1, 3.5.5 |
| CVE-2025-66199 | Low | TLS 1.3 cert compression DoS | 3.6, 3.5, 3.4, 3.3 | 3.6.1, 3.5.5, 3.4.4, 3.3.6 |
| CVE-2025-68160 | Low | Heap OOB write in BIO linebuffer | 3.6-3.0, 1.1.1, 1.0.2 | 3.6.1-3.0.19, 1.1.1ze, 1.0.2zn |
| CVE-2025-69418 | Low | OCB tail bytes unencrypted | 3.6-3.0, 1.1.1 | 3.6.1-3.0.19, 1.1.1ze |
| CVE-2025-69419 | Low | OOB write in PKCS12 friendlyname | 3.6-3.0, 1.1.1 | 3.6.1-3.0.19, 1.1.1ze |
| CVE-2025-69420 | Low | Null deref in timestamp verify | 3.6-3.0, 1.1.1 | 3.6.1-3.0.19, 1.1.1ze |
| CVE-2025-69421 | Low | Null deref in PKCS12 decrypt | 3.6-3.0, 1.1.1, 1.0.2 | 3.6.1-3.0.19, 1.1.1ze, 1.0.2zn |
| CVE-2026-22795 | Low | Type confusion in PKCS#12 | 3.6-3.0, 1.1.1 | 3.6.1-3.0.19, 1.1.1ze |
| CVE-2026-22796 | Low | Type confusion in PKCS7 digest | 3.6-3.0, 1.1.1, 1.0.2 | 3.6.1-3.0.19, 1.1.1ze, 1.0.2zn |
These flaws affect parsing of untrusted PKCS#12, PKCS#7 and timestamp data, or niche APIs. Most need crafted inputs, which limits remote exploitation to specific setups, according to the advisory.
The vulnerabilities span OpenSSL 3.6 to 1.0.2, excluding older branches that lack features such as PBMAC1 or QUIC. The FIPS modules are unaffected because the vulnerable code sits outside the FIPS module boundary.
| Version | Vulnerable CVEs | Fixed Version |
|---|---|---|
| 3.6 | All except 1.0.2-specific | 3.6.1 |
| 3.5 | Most | 3.5.5 |
| 3.4 | Most | 3.4.4 |
| 3.3 | Several | 3.3.6 |
| 3.0 | CMS, BIO, etc. | 3.0.19 |
| 1.1.1 | BIO, OCB, PKCS#12 | 1.1.1ze (premium) |
| 1.0.2 | BIO, PKCS#7 | 1.0.2zn (premium) |
Aisle Research found nearly all of the flaws, with Stanislav Fort reporting the most. Others are credited to Luigino Camastra, Petr Šimeček, Tomas Dulka, and Hamza (Metadust). Fixes were authored by Tomas Mraz, Igor Ustinov, and others.
Mitigation Steps
Upgrade immediately to the patched release for your branch (3.6.1, 3.5.5, 3.4.4, 3.3.6, 3.0.19, 1.1.1ze or 1.0.2zn). Avoid feeding untrusted PKCS#12 or CMS inputs to OpenSSL, and validate file sizes before parsing. To mitigate the TLS 1.3 certificate compression DoS until you can upgrade, set the SSL_OP_NO_RX_CERTIFICATE_COMPRESSION option. Servers that parse S/MIME or timestamp data should patch first because those paths carry remote risk.
OpenSSL powers web servers, VPNs, and crypto tools worldwide. Quick updates prevent DoS or worse in production. Check dependencies via package managers.
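As an added example (not code from the advisory or from the OpenSSL project), the following Python script transcribes the fixed-version table above into a lookup and classifies an `openssl version` string as patched, vulnerable or unlisted for its branch, so hosts can be triaged before upgrading. It assumes OpenSSL's usual numbering: numeric patch levels on 3.x, and letter suffixes on 1.x that run a..z and then za..zz.

```python
"""Check OpenSSL version strings against the patched releases from the
January 27, 2026 advisory. Added example, not part of the advisory."""
import re
import shutil
import ssl
import subprocess

# Patched release per affected branch, transcribed from the advisory table.
PATCHED_BY_BRANCH = {
    "3.6": "3.6.1",
    "3.5": "3.5.5",
    "3.4": "3.4.4",
    "3.3": "3.3.6",
    "3.0": "3.0.19",
    "1.1.1": "1.1.1ze",
    "1.0.2": "1.0.2zn",
}

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")


def _letters_to_int(suffix):
    # 1.x patch letters run a..z, then za..zz, so summing the letter
    # positions gives a monotonic ordering: "" < "a" < ... < "z" < "za" < ... < "zz".
    return sum(ord(c) - ord("a") + 1 for c in suffix)


def parse_version(text):
    """Return (major, minor, patch, letters) from text such as
    'OpenSSL 1.1.1w  11 Sep 2023' or '3.4.3'; raise ValueError if absent."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no OpenSSL version found in {text!r}")
    major, minor, patch, letters = m.groups()
    return int(major), int(minor), int(patch), letters


def _sort_key(v):
    major, minor, patch, letters = v
    return (major, minor, patch, _letters_to_int(letters))


def branch_of(v):
    major, minor, patch, _ = v
    # 3.x branches are named by major.minor; 1.x branches by major.minor.patch.
    return f"{major}.{minor}" if major >= 3 else f"{major}.{minor}.{patch}"


def check_version(text):
    """Classify a version string as (branch, status, required_release), where
    status is 'patched', 'vulnerable', or 'unlisted' when the branch is not in the table."""
    v = parse_version(text)
    branch = branch_of(v)
    required = PATCHED_BY_BRANCH.get(branch)
    if required is None:
        return branch, "unlisted", None
    patched = _sort_key(v) >= _sort_key(parse_version(required))
    return branch, "patched" if patched else "vulnerable", required


def installed_versions():
    """Collect version strings from the library this Python links against and,
    when present on PATH, from the openssl command-line tool."""
    found = {"python-ssl": ssl.OPENSSL_VERSION}
    exe = shutil.which("openssl")
    if exe:
        out = subprocess.run([exe, "version"], capture_output=True, text=True, check=False)
        found["openssl-cli"] = out.stdout.strip()
    return found


if __name__ == "__main__":
    for source, text in installed_versions().items():
        try:
            branch, status, required = check_version(text)
        except ValueError as exc:
            print(f"{source}: {exc}")
            continue
        need = f" (needs {required})" if required else ""
        print(f"{source}: {text} -> branch {branch}: {status}{need}")
```

Run it directly to report on the OpenSSL that Python links against and the `openssl` binary on PATH. Treat a "vulnerable" result as a prompt to check further rather than as proof: distribution packages often backport fixes while keeping the upstream version number, so the distro's own advisory and package changelog are authoritative, and statically linked or container-bundled copies of libssl will not show up in either of the two sources the script inspects.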