OpenSSL Product Security Update Advisory
Overview. An out-of-bounds read vulnerability (CVE-2026-28386) and a NULL pointer dereference vulnerability (CVE-2026-28388, CVE-2026-28389, CVE-2026-28390) in OpenSSL have been disclosed. affected products are systems and applications that use the OpenSSL library. Vulnerability Summary. CVE-2026-28386: An out-of-bounds read vulnerability. CVE-2026-28388: NULL pointer dereference vulnerability. CVE-2026-28389: NULL pointer dereference vulnerability. CVE-2026-28390: NULL
