Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-34180 (GCVE-0-2026-34180)
Vulnerability from cvelistv5 – Published: 2026-06-09 16:03 – Updated: 2026-06-10 07:47- CWE-125 - Out-of-bounds Read
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-34180",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T19:00:59.503895Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T19:02:24.228Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "4.0.1",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.6.3",
"status": "affected",
"version": "3.6.0",
"versionType": "semver"
},
{
"lessThan": "3.5.7",
"status": "affected",
"version": "3.5.0",
"versionType": "semver"
},
{
"lessThan": "3.4.6",
"status": "affected",
"version": "3.4.0",
"versionType": "semver"
},
{
"lessThan": "3.0.21",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
},
{
"lessThan": "1.1.1zh",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.0.2zq",
"status": "affected",
"version": "1.0.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Frank Buss"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Viktor Dukhovni"
}
],
"datePublic": "2026-06-09T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\u003cbr\u003eelement whose content exceeds 2 gigabytes in length may cause a heap buffer\u003cbr\u003eover-read on 64-bit Unix and Unix-like platforms.\u003cbr\u003e\u003cbr\u003eImpact summary: The heap buffer over-read may crash the application (Denial of\u003cbr\u003eService) or to load into the decoded ASN.1 object contents of memory beyond the\u003cbr\u003eend of the input buffer. More typically such ASN.1 elements would instead be\u003cbr\u003etruncated.\u003cbr\u003e\u003cbr\u003eAn integer truncation in OpenSSL\u0027s ASN.1 decoder causes the content length of\u003cbr\u003ean ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\u003cbr\u003eworst case the truncated length is treated as a request to scan the binary\u003cbr\u003econtent for a terminating zero byte, possibly causing OpenSSL to read either\u003cbr\u003eless than or beyond the end of the allocated buffer.\u003cbr\u003e\u003cbr\u003eApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\u003cbr\u003eany other d2i_* decoding function are affected. OpenSSL\u0027s own command-line\u003cbr\u003etools are not vulnerable, as data read through the BIO layer is checked before\u003cbr\u003eit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\u003cbr\u003eplatforms; 32-bit platforms and 64-bit Windows are not affected.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\u003cbr\u003eas the affected code is outside the OpenSSL FIPS module boundary."
}
],
"value": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer. More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL\u0027s ASN.1 decoder causes the content length of\nan ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\nworst case the truncated length is treated as a request to scan the binary\ncontent for a terminating zero byte, possibly causing OpenSSL to read either\nless than or beyond the end of the allocated buffer.\n\nApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\nany other d2i_* decoding function are affected. OpenSSL\u0027s own command-line\ntools are not vulnerable, as data read through the BIO layer is checked before\nit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\nplatforms; 32-bit platforms and 64-bit Windows are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary."
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "Low"
},
"type": "https://openssl-library.org/policies/general/security-policy/"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T07:47:52.427Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://openssl-library.org/news/secadv/20260609.txt"
},
{
"name": "4.0.1 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/f696c73c3e61b8c502d040af62e690c060908a16"
},
{
"name": "3.6.3 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/d93853c42110d6319e3df07842b488cb9f7ac5ff"
},
{
"name": "3.5.7 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/da5d62af75f69d6fbf7803743d7c56ac75461e43"
},
{
"name": "3.4.6 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/1c6908e4fa5fa568752221d8eaf561a809751e5d"
},
{
"name": "3.0.21 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/cbe418ae978539cf14a398a207dba834c0e93e83"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Heap Buffer Over-read in ASN.1 Content Parsing",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2026-34180",
"datePublished": "2026-06-09T16:03:17.082Z",
"dateReserved": "2026-03-26T09:29:36.012Z",
"dateUpdated": "2026-06-10T07:47:52.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CERTFR-2026-AVI-0782
Vulnerability from certfr_avis - Published: 2026-06-19 - Updated: 2026-06-19
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
None| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | N/A | SUSE Linux Micro Extras 6.0 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | N/A | SUSE Manager Proxy 4.3 | ||
| SUSE | N/A | SUSE Linux Micro 6.1 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | N/A | SUSE Linux Micro 6.0 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | N/A | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Server High Availability Extension 16.0 | ||
| SUSE | N/A | openSUSE Leap 15.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | N/A | openSUSE Leap 15.5 | ||
| SUSE | N/A | SUSE Manager Server 4.3 | ||
| SUSE | N/A | SUSE Linux Micro Extras 6.1 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP applications 16.0 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | N/A | SUSE Linux Micro 6.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 LTSS | ||
| SUSE | N/A | SUSE Linux Micro Extras 6.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP5 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 16.0 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.5 |
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro Extras 6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro 6.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro 6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server High Availability Extension 16.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro Extras 6.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro 6.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro Extras 6.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-43198",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43198"
},
{
"name": "CVE-2026-45842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45842"
},
{
"name": "CVE-2026-31483",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31483"
},
{
"name": "CVE-2025-68324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68324"
},
{
"name": "CVE-2026-43068",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43068"
},
{
"name": "CVE-2026-43414",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43414"
},
{
"name": "CVE-2026-31493",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31493"
},
{
"name": "CVE-2026-43413",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43413"
},
{
"name": "CVE-2026-34180",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34180"
},
{
"name": "CVE-2026-45852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45852"
},
{
"name": "CVE-2026-43483",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43483"
},
{
"name": "CVE-2026-31758",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31758"
},
{
"name": "CVE-2026-45856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45856"
},
{
"name": "CVE-2026-42766",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42766"
},
{
"name": "CVE-2026-9076",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9076"
},
{
"name": "CVE-2026-43470",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43470"
},
{
"name": "CVE-2026-43455",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43455"
},
{
"name": "CVE-2026-23438",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23438"
},
{
"name": "CVE-2026-45910",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45910"
},
{
"name": "CVE-2026-31405",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31405"
},
{
"name": "CVE-2026-43339",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43339"
},
{
"name": "CVE-2026-43054",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43054"
},
{
"name": "CVE-2026-31664",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31664"
},
{
"name": "CVE-2023-20585",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20585"
},
{
"name": "CVE-2026-31473",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31473"
},
{
"name": "CVE-2026-31556",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31556"
},
{
"name": "CVE-2026-31448",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31448"
},
{
"name": "CVE-2026-42770",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42770"
},
{
"name": "CVE-2026-23303",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23303"
},
{
"name": "CVE-2026-31396",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31396"
},
{
"name": "CVE-2026-31613",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31613"
},
{
"name": "CVE-2026-46114",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46114"
},
{
"name": "CVE-2026-43411",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43411"
},
{
"name": "CVE-2026-23380",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23380"
},
{
"name": "CVE-2026-43284",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43284"
},
{
"name": "CVE-2026-43362",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43362"
},
{
"name": "CVE-2026-45835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45835"
},
{
"name": "CVE-2026-23271",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23271"
},
{
"name": "CVE-2026-43052",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43052"
},
{
"name": "CVE-2026-45445",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45445"
},
{
"name": "CVE-2026-31655",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31655"
},
{
"name": "CVE-2026-31447",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31447"
},
{
"name": "CVE-2026-45870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45870"
},
{
"name": "CVE-2026-31645",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31645"
},
{
"name": "CVE-2026-43028",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43028"
},
{
"name": "CVE-2026-31614",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31614"
},
{
"name": "CVE-2026-46113",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46113"
},
{
"name": "CVE-2026-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31683"
},
{
"name": "CVE-2026-3150",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3150"
},
{
"name": "CVE-2026-45841",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45841"
},
{
"name": "CVE-2026-31568",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31568"
},
{
"name": "CVE-2026-31668",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31668"
},
{
"name": "CVE-2026-46159",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46159"
},
{
"name": "CVE-2026-31546",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31546"
},
{
"name": "CVE-2026-46209",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46209"
},
{
"name": "CVE-2026-31516",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31516"
},
{
"name": "CVE-2026-7383",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7383"
},
{
"name": "CVE-2026-46169",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46169"
},
{
"name": "CVE-2026-43012",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43012"
},
{
"name": "CVE-2026-43503",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43503"
},
{
"name": "CVE-2026-43063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43063"
},
{
"name": "CVE-2026-46024",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46024"
},
{
"name": "CVE-2026-43009",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43009"
},
{
"name": "CVE-2026-43394",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43394"
},
{
"name": "CVE-2025-68822",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68822"
},
{
"name": "CVE-2026-46116",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46116"
},
{
"name": "CVE-2026-46083",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46083"
},
{
"name": "CVE-2026-43030",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43030"
},
{
"name": "CVE-2026-46259",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46259"
},
{
"name": "CVE-2026-31588",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31588"
},
{
"name": "CVE-2026-31415",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31415"
},
{
"name": "CVE-2026-31703",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31703"
},
{
"name": "CVE-2026-46176",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46176"
},
{
"name": "CVE-2026-45846",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45846"
},
{
"name": "CVE-2026-43499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43499"
},
{
"name": "CVE-2026-43150",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43150"
},
{
"name": "CVE-2026-23279",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23279"
},
{
"name": "CVE-2026-23359",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23359"
},
{
"name": "CVE-2026-46181",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46181"
},
{
"name": "CVE-2026-31469",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31469"
},
{
"name": "CVE-2026-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31498"
},
{
"name": "CVE-2026-46043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46043"
},
{
"name": "CVE-2026-43197",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43197"
},
{
"name": "CVE-2026-46317",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46317"
},
{
"name": "CVE-2026-31515",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31515"
},
{
"name": "CVE-2026-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43249"
},
{
"name": "CVE-2026-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43252"
},
{
"name": "CVE-2026-46243",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46243"
},
{
"name": "CVE-2026-43140",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43140"
},
{
"name": "CVE-2026-23396",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23396"
},
{
"name": "CVE-2026-31759",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31759"
},
{
"name": "CVE-2026-43360",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43360"
},
{
"name": "CVE-2026-45878",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45878"
},
{
"name": "CVE-2026-45932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45932"
},
{
"name": "CVE-2025-10263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10263"
},
{
"name": "CVE-2026-31671",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31671"
},
{
"name": "CVE-2026-43328",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43328"
},
{
"name": "CVE-2026-43024",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43024"
},
{
"name": "CVE-2026-43077",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43077"
},
{
"name": "CVE-2026-23367",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23367"
},
{
"name": "CVE-2026-43407",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43407"
},
{
"name": "CVE-2026-45447",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45447"
},
{
"name": "CVE-2026-43026",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43026"
},
{
"name": "CVE-2026-31480",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31480"
},
{
"name": "CVE-2026-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46150"
},
{
"name": "CVE-2026-46090",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46090"
},
{
"name": "CVE-2026-43184",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43184"
},
{
"name": "CVE-2026-43361",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43361"
},
{
"name": "CVE-2026-43261",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43261"
},
{
"name": "CVE-2026-23444",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23444"
},
{
"name": "CVE-2026-45886",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45886"
},
{
"name": "CVE-2026-46110",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46110"
},
{
"name": "CVE-2026-43158",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43158"
},
{
"name": "CVE-2026-31401",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31401"
},
{
"name": "CVE-2026-43501",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43501"
},
{
"name": "CVE-2026-31521",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31521"
},
{
"name": "CVE-2026-43059",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43059"
},
{
"name": "CVE-2026-46111",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46111"
},
{
"name": "CVE-2026-45446",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45446"
},
{
"name": "CVE-2026-31648",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31648"
},
{
"name": "CVE-2026-45984",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45984"
},
{
"name": "CVE-2026-31421",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31421"
},
{
"name": "CVE-2026-31518",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31518"
},
{
"name": "CVE-2026-43296",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43296"
},
{
"name": "CVE-2026-43066",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43066"
},
{
"name": "CVE-2026-45970",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45970"
},
{
"name": "CVE-2026-31590",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31590"
},
{
"name": "CVE-2026-43020",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43020"
},
{
"name": "CVE-2026-31767",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31767"
},
{
"name": "CVE-2026-23448",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23448"
},
{
"name": "CVE-2025-38549",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38549"
},
{
"name": "CVE-2026-31584",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31584"
},
{
"name": "CVE-2026-31778",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31778"
},
{
"name": "CVE-2026-43040",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43040"
},
{
"name": "CVE-2026-31532",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31532"
},
{
"name": "CVE-2026-43206",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43206"
},
{
"name": "CVE-2026-43065",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43065"
},
{
"name": "CVE-2026-45843",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45843"
},
{
"name": "CVE-2026-46316",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46316"
},
{
"name": "CVE-2026-43406",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43406"
},
{
"name": "CVE-2026-46004",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46004"
},
{
"name": "CVE-2026-46094",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46094"
},
{
"name": "CVE-2026-43187",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43187"
},
{
"name": "CVE-2026-31736",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31736"
},
{
"name": "CVE-2026-43341",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43341"
},
{
"name": "CVE-2026-31562",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31562"
},
{
"name": "CVE-2026-46160",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46160"
},
{
"name": "CVE-2026-46079",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46079"
},
{
"name": "CVE-2026-45898",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45898"
},
{
"name": "CVE-2026-43037",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43037"
},
{
"name": "CVE-2026-46021",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46021"
},
{
"name": "CVE-2026-31596",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31596"
},
{
"name": "CVE-2026-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45942"
},
{
"name": "CVE-2026-43112",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43112"
},
{
"name": "CVE-2026-46273",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46273"
},
{
"name": "CVE-2026-31674",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31674"
},
{
"name": "CVE-2026-43109",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43109"
},
{
"name": "CVE-2026-31575",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31575"
},
{
"name": "CVE-2026-31678",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31678"
},
{
"name": "CVE-2026-31540",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31540"
},
{
"name": "CVE-2025-40253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40253"
},
{
"name": "CVE-2026-43338",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43338"
},
{
"name": "CVE-2026-34182",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34182"
},
{
"name": "CVE-2026-43234",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43234"
},
{
"name": "CVE-2026-43359",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43359"
},
{
"name": "CVE-2026-31455",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31455"
},
{
"name": "CVE-2026-43393",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43393"
},
{
"name": "CVE-2026-31774",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31774"
},
{
"name": "CVE-2026-31729",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31729"
},
{
"name": "CVE-2026-23327",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23327"
},
{
"name": "CVE-2026-31446",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31446"
},
{
"name": "CVE-2026-31464",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31464"
},
{
"name": "CVE-2026-31500",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31500"
},
{
"name": "CVE-2026-43333",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43333"
},
{
"name": "CVE-2026-45983",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45983"
},
{
"name": "CVE-2026-43332",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43332"
},
{
"name": "CVE-2026-46157",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46157"
},
{
"name": "CVE-2026-43325",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43325"
},
{
"name": "CVE-2026-43038",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43038"
},
{
"name": "CVE-2026-43013",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43013"
},
{
"name": "CVE-2026-31454",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31454"
},
{
"name": "CVE-2026-31452",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31452"
},
{
"name": "CVE-2026-31629",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31629"
},
{
"name": "CVE-2026-23254",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23254"
},
{
"name": "CVE-2026-31673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31673"
}
],
"initial_release_date": "2026-06-19T00:00:00",
"last_revision_date": "2026-06-19T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0782",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2026-06-16",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:2421-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262421-1"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22108-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622108-1"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22112-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622112-1"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22137-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622137-1"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22099-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622099-1"
},
{
"published_at": "2026-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:2383-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262383-1"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22100-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622100-1"
},
{
"published_at": "2026-06-05",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22076-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622076-1"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22140-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622140-1"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22127-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622127-1"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22117-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622117-1"
},
{
"published_at": "2026-06-05",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22087-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622087-1"
},
{
"published_at": "2026-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:2450-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262450-1"
}
]
}
CERTFR-2026-AVI-0796
Vulnerability from certfr_avis - Published: 2026-06-24 - Updated: 2026-06-24
De multiples vulnérabilités ont été découvertes dans Tenable Identity Exposure. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Tenable | Identity Exposure | Tenable Identity Exposure versions antérieures à v3.93.5 |
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tenable Identity Exposure versions ant\u00e9rieures \u00e0 v3.93.5",
"product": {
"name": "Identity Exposure",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-66199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
},
{
"name": "CVE-2026-42789",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42789"
},
{
"name": "CVE-2026-21637",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21637"
},
{
"name": "CVE-2026-34180",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34180"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2026-35188",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35188"
},
{
"name": "CVE-2026-42766",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42766"
},
{
"name": "CVE-2026-9076",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9076"
},
{
"name": "CVE-2025-15469",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15469"
},
{
"name": "CVE-2026-1965",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1965"
},
{
"name": "CVE-2026-34181",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34181"
},
{
"name": "CVE-2026-42790",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42790"
},
{
"name": "CVE-2026-42770",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42770"
},
{
"name": "CVE-2025-69419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
},
{
"name": "CVE-2026-3783",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3783"
},
{
"name": "CVE-2026-6429",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6429"
},
{
"name": "CVE-2026-32167",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32167"
},
{
"name": "CVE-2026-32175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32175"
},
{
"name": "CVE-2026-28386",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28386"
},
{
"name": "CVE-2026-45445",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45445"
},
{
"name": "CVE-2026-45591",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45591"
},
{
"name": "CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"name": "CVE-2025-55130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55130"
},
{
"name": "CVE-2025-55131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55131"
},
{
"name": "CVE-2025-59465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59465"
},
{
"name": "CVE-2026-7383",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7383"
},
{
"name": "CVE-2026-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21715"
},
{
"name": "CVE-2026-42771",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42771"
},
{
"name": "CVE-2026-35433",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35433"
},
{
"name": "CVE-2026-22795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
},
{
"name": "CVE-2026-26130",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26130"
},
{
"name": "CVE-2026-33120",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33120"
},
{
"name": "CVE-2026-28389",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28389"
},
{
"name": "CVE-2026-42765",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42765"
},
{
"name": "CVE-2026-21717",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21717"
},
{
"name": "CVE-2025-69421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
},
{
"name": "CVE-2026-42769",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42769"
},
{
"name": "CVE-2026-6253",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6253"
},
{
"name": "CVE-2026-7009",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7009"
},
{
"name": "CVE-2026-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21716"
},
{
"name": "CVE-2026-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
},
{
"name": "CVE-2026-42899",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42899"
},
{
"name": "CVE-2026-21262",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21262"
},
{
"name": "CVE-2026-26171",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26171"
},
{
"name": "CVE-2026-32203",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32203"
},
{
"name": "CVE-2025-55132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55132"
},
{
"name": "CVE-2026-45447",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45447"
},
{
"name": "CVE-2025-55247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55247"
},
{
"name": "CVE-2025-14017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14017"
},
{
"name": "CVE-2026-3805",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3805"
},
{
"name": "CVE-2026-28387",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28387"
},
{
"name": "CVE-2026-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28388"
},
{
"name": "CVE-2026-32177",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32177"
},
{
"name": "CVE-2026-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21714"
},
{
"name": "CVE-2026-45446",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45446"
},
{
"name": "CVE-2026-40370",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40370"
},
{
"name": "CVE-2026-13007",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-13007"
},
{
"name": "CVE-2025-68160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
},
{
"name": "CVE-2026-34183",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34183"
},
{
"name": "CVE-2025-13034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13034"
},
{
"name": "CVE-2026-28390",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28390"
},
{
"name": "CVE-2026-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45490"
},
{
"name": "CVE-2025-14524",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14524"
},
{
"name": "CVE-2026-42767",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42767"
},
{
"name": "CVE-2026-4873",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4873"
},
{
"name": "CVE-2025-69418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
},
{
"name": "CVE-2025-59466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59466"
},
{
"name": "CVE-2025-15468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
},
{
"name": "CVE-2026-21713",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21713"
},
{
"name": "CVE-2026-33116",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33116"
},
{
"name": "CVE-2026-42764",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42764"
},
{
"name": "CVE-2026-31789",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31789"
},
{
"name": "CVE-2026-5773",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5773"
},
{
"name": "CVE-2026-32178",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32178"
},
{
"name": "CVE-2026-6276",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6276"
},
{
"name": "CVE-2026-42768",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42768"
},
{
"name": "CVE-2025-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
},
{
"name": "CVE-2025-15079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15079"
},
{
"name": "CVE-2026-2673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2673"
},
{
"name": "CVE-2026-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45491"
},
{
"name": "CVE-2025-14819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14819"
},
{
"name": "CVE-2026-34182",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34182"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2026-21218",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21218"
},
{
"name": "CVE-2026-7168",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7168"
},
{
"name": "CVE-2026-32176",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32176"
},
{
"name": "CVE-2025-69420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
},
{
"name": "CVE-2025-15224",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15224"
},
{
"name": "CVE-2026-31790",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31790"
},
{
"name": "CVE-2026-5545",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5545"
},
{
"name": "CVE-2026-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21710"
},
{
"name": "CVE-2026-3784",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3784"
}
],
"initial_release_date": "2026-06-24T00:00:00",
"last_revision_date": "2026-06-24T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0796",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-24T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Identity Exposure. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Identity Exposure",
"vendor_advisories": [
{
"published_at": "2026-06-23",
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2026-16",
"url": "https://www.tenable.com/security/tns-2026-16"
}
]
}
CERTFR-2026-AVI-0783
Vulnerability from certfr_avis - Published: 2026-06-19 - Updated: 2026-06-19
De multiples vulnérabilités ont été découvertes dans Microsoft Azure. Elles permettent à un attaquant de provoquer une élévation de privilèges et un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | azl3 erlang 26.2.5.20-1 versions antérieures à 26.2.5.21-2 | ||
| Microsoft | N/A | azl3 python-pip 24.2-8 versions antérieures à 24.2-9 | ||
| Microsoft | N/A | azl3 edk2 20240524git3e722403cd16-17 versions antérieures à 20240524git3e722403cd16-18 | ||
| Microsoft | N/A | azl3 qemu 9.1.0-7 versions antérieures à 9.1.0-8 | ||
| Microsoft | N/A | azl3 opensc 0.27.1-1 versions antérieures à 0.27.1-2 | ||
| Microsoft | N/A | azl3 kernel 6.6.139.1-1 versions antérieures à 6.6.141.1-1 |
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "azl3 erlang 26.2.5.20-1 versions ant\u00e9rieures \u00e0 26.2.5.21-2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 python-pip 24.2-8 versions ant\u00e9rieures \u00e0 24.2-9",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 edk2 20240524git3e722403cd16-17 versions ant\u00e9rieures \u00e0 20240524git3e722403cd16-18",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 qemu 9.1.0-7 versions ant\u00e9rieures \u00e0 9.1.0-8",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 opensc 0.27.1-1 versions ant\u00e9rieures \u00e0 0.27.1-2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 kernel 6.6.139.1-1 versions ant\u00e9rieures \u00e0 6.6.141.1-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-46307",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46307"
},
{
"name": "CVE-2026-34180",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34180"
},
{
"name": "CVE-2026-42766",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42766"
},
{
"name": "CVE-2026-49760",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-49760"
},
{
"name": "CVE-2026-9076",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9076"
},
{
"name": "CVE-2026-46319",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46319"
},
{
"name": "CVE-2026-46280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46280"
},
{
"name": "CVE-2026-46287",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46287"
},
{
"name": "CVE-2026-46303",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46303"
},
{
"name": "CVE-2026-45445",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45445"
},
{
"name": "CVE-2026-10275",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-10275"
},
{
"name": "CVE-2026-7383",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7383"
},
{
"name": "CVE-2026-48858",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48858"
},
{
"name": "CVE-2026-49759",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-49759"
},
{
"name": "CVE-2026-48855",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48855"
},
{
"name": "CVE-2026-46296",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46296"
},
{
"name": "CVE-2026-46293",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46293"
},
{
"name": "CVE-2026-46301",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46301"
},
{
"name": "CVE-2026-46289",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46289"
},
{
"name": "CVE-2026-46285",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46285"
},
{
"name": "CVE-2026-45447",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45447"
},
{
"name": "CVE-2026-48856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48856"
},
{
"name": "CVE-2026-46291",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46291"
},
{
"name": "CVE-2026-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46312"
},
{
"name": "CVE-2026-46274",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46274"
},
{
"name": "CVE-2026-46292",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46292"
},
{
"name": "CVE-2026-42767",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42767"
},
{
"name": "CVE-2026-48914",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48914"
},
{
"name": "CVE-2026-48860",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48860"
},
{
"name": "CVE-2026-8643",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8643"
},
{
"name": "CVE-2026-46306",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46306"
},
{
"name": "CVE-2026-46299",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46299"
},
{
"name": "CVE-2026-46304",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46304"
}
],
"initial_release_date": "2026-06-19T00:00:00",
"last_revision_date": "2026-06-19T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0783",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Azure. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Azure",
"vendor_advisories": [
{
"published_at": "2026-06-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-42766",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42766"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46280",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46280"
},
{
"published_at": "2026-06-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-42767",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42767"
},
{
"published_at": "2026-06-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45447",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45447"
},
{
"published_at": "2026-06-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45445",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45445"
},
{
"published_at": "2026-06-17",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-49759",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49759"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46307",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46307"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46291",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46291"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46301",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46301"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46303",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46303"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46306",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46306"
},
{
"published_at": "2026-06-17",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-48856",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48856"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46287",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46287"
},
{
"published_at": "2026-06-17",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-48860",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48860"
},
{
"published_at": "2026-06-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-34180",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34180"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46292",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46292"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46285",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46285"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46312",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46312"
},
{
"published_at": "2026-06-17",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-49760",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49760"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46319",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46319"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46293",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46293"
},
{
"published_at": "2026-06-17",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-48914",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48914"
},
{
"published_at": "2026-06-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-7383",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7383"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46296",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46296"
},
{
"published_at": "2026-06-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-9076",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9076"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46274",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46274"
},
{
"published_at": "2026-06-17",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-48855",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48855"
},
{
"published_at": "2026-06-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-10275",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10275"
},
{
"published_at": "2026-06-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-8643",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8643"
},
{
"published_at": "2026-06-17",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-48858",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48858"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46289",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46289"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46299",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46299"
},
{
"published_at": "2026-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46304",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46304"
}
]
}
CERTFR-2026-AVI-0717
Vulnerability from certfr_avis - Published: 2026-06-10 - Updated: 2026-06-10
De multiples vulnérabilités ont été découvertes dans OpenSSL. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| OpenSSL | OpenSSL | OpenSSL versions 1.0.x antérieures à 1.0.2zq | ||
| OpenSSL | OpenSSL | OpenSSL versions 4.x antérieures à 4.0.1 | ||
| OpenSSL | OpenSSL | OpenSSL versions 3.5.x antérieures à 3.5.7 | ||
| OpenSSL | OpenSSL | OpenSSL versions 1.1.x antérieures à 1.1.1zh | ||
| OpenSSL | OpenSSL | OpenSSL versions 3.x antérieures à 3.0.21 | ||
| OpenSSL | OpenSSL | OpenSSL versions 3.6.x antérieures à 3.6.3 | ||
| OpenSSL | OpenSSL | OpenSSL versions 3.4.x antérieures à 3.4.6 |
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "OpenSSL versions 1.0.x ant\u00e9rieures \u00e0 1.0.2zq",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 4.x ant\u00e9rieures \u00e0 4.0.1",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 3.5.x ant\u00e9rieures \u00e0 3.5.7",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 1.1.x ant\u00e9rieures \u00e0 1.1.1zh",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 3.x ant\u00e9rieures \u00e0 3.0.21",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 3.6.x ant\u00e9rieures \u00e0 3.6.3",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 3.4.x ant\u00e9rieures \u00e0 3.4.6",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-34180",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34180"
},
{
"name": "CVE-2026-35188",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35188"
},
{
"name": "CVE-2026-42766",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42766"
},
{
"name": "CVE-2026-9076",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9076"
},
{
"name": "CVE-2026-34181",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34181"
},
{
"name": "CVE-2026-42770",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42770"
},
{
"name": "CVE-2026-45445",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45445"
},
{
"name": "CVE-2026-7383",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7383"
},
{
"name": "CVE-2026-42771",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42771"
},
{
"name": "CVE-2026-42765",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42765"
},
{
"name": "CVE-2026-42769",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42769"
},
{
"name": "CVE-2026-45447",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45447"
},
{
"name": "CVE-2026-45446",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45446"
},
{
"name": "CVE-2026-34183",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34183"
},
{
"name": "CVE-2026-42767",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42767"
},
{
"name": "CVE-2026-42764",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42764"
},
{
"name": "CVE-2026-42768",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42768"
},
{
"name": "CVE-2026-34182",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34182"
}
],
"initial_release_date": "2026-06-10T00:00:00",
"last_revision_date": "2026-06-10T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0717",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans OpenSSL. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans OpenSSL",
"vendor_advisories": [
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 OpenSSL",
"url": "https://openssl-library.org/news/secadv/20260609.txt"
}
]
}
GHSA-3C8F-QQ7H-7QV6
Vulnerability from github – Published: 2026-06-09 18:30 – Updated: 2026-06-10 09:31Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms.
Impact summary: The heap buffer over-read may crash the application (Denial of Service) or to load into the decoded ASN.1 object contents of memory beyond the end of the input buffer. More typically such ASN.1 elements would instead be truncated.
An integer truncation in OpenSSL's ASN.1 decoder causes the content length of an ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the worst case the truncated length is treated as a request to scan the binary content for a terminating zero byte, possibly causing OpenSSL to read either less than or beyond the end of the allocated buffer.
Applications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or any other d2i_* decoding function are affected. OpenSSL's own command-line tools are not vulnerable, as data read through the BIO layer is checked before it reaches the affected code. The issue only affects 64-bit Unix and Unix-like platforms; 32-bit platforms and 64-bit Windows are not affected.
The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.
{
"affected": [],
"aliases": [
"CVE-2026-34180"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-09T17:17:04Z",
"severity": "HIGH"
},
"details": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer. More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL\u0027s ASN.1 decoder causes the content length of\nan ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\nworst case the truncated length is treated as a request to scan the binary\ncontent for a terminating zero byte, possibly causing OpenSSL to read either\nless than or beyond the end of the allocated buffer.\n\nApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\nany other d2i_* decoding function are affected. OpenSSL\u0027s own command-line\ntools are not vulnerable, as data read through the BIO layer is checked before\nit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\nplatforms; 32-bit platforms and 64-bit Windows are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary.",
"id": "GHSA-3c8f-qq7h-7qv6",
"modified": "2026-06-10T09:31:56Z",
"published": "2026-06-09T18:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34180"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/1c6908e4fa5fa568752221d8eaf561a809751e5d"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/cbe418ae978539cf14a398a207dba834c0e93e83"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/d93853c42110d6319e3df07842b488cb9f7ac5ff"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/da5d62af75f69d6fbf7803743d7c56ac75461e43"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/f696c73c3e61b8c502d040af62e690c060908a16"
},
{
"type": "WEB",
"url": "https://github.com/openssl/security/commit/1c6908e4fa5fa568752221d8eaf561a809751e5d"
},
{
"type": "WEB",
"url": "https://github.com/openssl/security/commit/cbe418ae978539cf14a398a207dba834c0e93e83"
},
{
"type": "WEB",
"url": "https://github.com/openssl/security/commit/d93853c42110d6319e3df07842b488cb9f7ac5ff"
},
{
"type": "WEB",
"url": "https://github.com/openssl/security/commit/da5d62af75f69d6fbf7803743d7c56ac75461e43"
},
{
"type": "WEB",
"url": "https://github.com/openssl/security/commit/f696c73c3e61b8c502d040af62e690c060908a16"
},
{
"type": "WEB",
"url": "https://openssl-library.org/news/secadv/20260609.txt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2026-34180
Vulnerability from fkie_nvd - Published: 2026-06-09 17:17 - Updated: 2026-06-17 10:38| URL | Tags | ||
|---|---|---|---|
| openssl-security@openssl.org | https://github.com/openssl/openssl/commit/1c6908e4fa5fa568752221d8eaf561a809751e5d | Patch | |
| openssl-security@openssl.org | https://github.com/openssl/openssl/commit/cbe418ae978539cf14a398a207dba834c0e93e83 | Patch | |
| openssl-security@openssl.org | https://github.com/openssl/openssl/commit/d93853c42110d6319e3df07842b488cb9f7ac5ff | Patch | |
| openssl-security@openssl.org | https://github.com/openssl/openssl/commit/da5d62af75f69d6fbf7803743d7c56ac75461e43 | Patch | |
| openssl-security@openssl.org | https://github.com/openssl/openssl/commit/f696c73c3e61b8c502d040af62e690c060908a16 | Patch | |
| openssl-security@openssl.org | https://openssl-library.org/news/secadv/20260609.txt | Vendor Advisory |
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "4.0.1",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.6.3",
"status": "affected",
"version": "3.6.0",
"versionType": "semver"
},
{
"lessThan": "3.5.7",
"status": "affected",
"version": "3.5.0",
"versionType": "semver"
},
{
"lessThan": "3.4.6",
"status": "affected",
"version": "3.4.0",
"versionType": "semver"
},
{
"lessThan": "3.0.21",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
},
{
"lessThan": "1.1.1zh",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.0.2zq",
"status": "affected",
"version": "1.0.2",
"versionType": "custom"
}
]
}
],
"source": "openssl-security@openssl.org"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F534B804-67B6-49DA-8A86-0FF21E512908",
"versionEndExcluding": "1.0.2zq",
"versionStartIncluding": "1.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43EFE1E3-4049-4EE6-A2AE-BDBA38E6870F",
"versionEndExcluding": "1.1.1zh",
"versionStartIncluding": "1.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB88756-EDFE-4886-A267-3F19342A6042",
"versionEndExcluding": "3.0.21",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF7E21E7-AEC0-4882-B1F1-2D056B506F22",
"versionEndExcluding": "3.4.6",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6B9930-C549-4D88-9784-AF32CCDDB87A",
"versionEndExcluding": "3.5.7",
"versionStartIncluding": "3.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D41B3C45-EC73-4DC8-989D-B2E2792E102F",
"versionEndExcluding": "3.6.3",
"versionStartIncluding": "3.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:4.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "6E881B9A-1A0A-4BC0-8160-20C00561167D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer. More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL\u0027s ASN.1 decoder causes the content length of\nan ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\nworst case the truncated length is treated as a request to scan the binary\ncontent for a terminating zero byte, possibly causing OpenSSL to read either\nless than or beyond the end of the allocated buffer.\n\nApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\nany other d2i_* decoding function are affected. OpenSSL\u0027s own command-line\ntools are not vulnerable, as data read through the BIO layer is checked before\nit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\nplatforms; 32-bit platforms and 64-bit Windows are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary."
}
],
"id": "CVE-2026-34180",
"lastModified": "2026-06-17T10:38:36.660",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-34180",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T19:00:59.503895Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-06-09T17:17:04.600",
"references": [
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch"
],
"url": "https://github.com/openssl/openssl/commit/1c6908e4fa5fa568752221d8eaf561a809751e5d"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch"
],
"url": "https://github.com/openssl/openssl/commit/cbe418ae978539cf14a398a207dba834c0e93e83"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch"
],
"url": "https://github.com/openssl/openssl/commit/d93853c42110d6319e3df07842b488cb9f7ac5ff"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch"
],
"url": "https://github.com/openssl/openssl/commit/da5d62af75f69d6fbf7803743d7c56ac75461e43"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch"
],
"url": "https://github.com/openssl/openssl/commit/f696c73c3e61b8c502d040af62e690c060908a16"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Vendor Advisory"
],
"url": "https://openssl-library.org/news/secadv/20260609.txt"
}
],
"sourceIdentifier": "openssl-security@openssl.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "openssl-security@openssl.org",
"type": "Secondary"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.