Security Advisory

OpenSSL Product Security Update Advisory

  • Apr 27 2026
OpenSSL Product Security Update Advisory

Security update advisory

A security update has been released to address a vulnerability in OpenSSL products. users of these products should update to the latest version.

Vulnerabilities

  • **CVE-2026-28387: A use-after-free vulnerability in OpenSSL.
  • CVE-2026-31789: A heap buffer overflow vulnerability in OpenSSL.

Target Products

  • OpenSSL version 3.6.
  • OpenSSL version 3.5.
  • OpenSSL version 3.4.
  • OpenSSL version 3.3.
  • OpenSSL version 3.0.
  • OpenSSL version 1.1.1.

Patched Version

  • CVE-2026-28387 Affected versions: OpenSSL 3.6.2, 3.5.6, 3.4.5, 3.3.7, 3.0.20, 1.1.1zg.
  • corresponding versions for CVE-2026-31789: OpenSSL 3.6.2, 3.5.6, 3.4.5, 3.3.7, 3.0.20.

note You should follow the instructions on the site to update to the latest version of the Vulnerability Patch.

Tags:
Previous Post

Next Post