OpenSSL Product Security Update Advisory (CVE-2025-69421)

Feb 03 2026

Overview

We have released a security update to address a vulnerability in our OpenSSL products. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-69421

OpenSSL version: 3.6
OpenSSL version: 3.5
OpenSSL version: 3.4
OpenSSL version: 3.3

Resolved Vulnerabilities

Vulnerability in PKCS#12 MAC validation in OpenSSL due to lack of validation of PBMAC1 parameter (CVE-2025-69421)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-69421

OpenSSL version: 3.6.1
OpenSSL version: 3.5.5
OpenSSL version: 3.4.4
OpenSSL version: 3.3.6

References

[1] OpenSSL Security Advisory [27th January 2026]
https://openssl-library.org/news/secadv/20260127.txt

OpenSSL Product Security Update Advisory (CVE-2025-69421)

Microsoft Edge browser (144.0.3719.104) version security update advisory

Google Chrome browser security update advisory

Tags:

Microsoft Edge browser (144.0.3719.104) version security update advisory

Google Chrome browser security update advisory