Critical OpenSSL Vulnerabilities Enable Remote Code Execution Attacks
A critical vulnerability in OpenSSL, disclosed in a security advisory on June 9, 2026, allows for remote code execution. This severe flaw arises when applications process specially crafted PKCS7 or S/MIME signed messages.
The flaw, tracked as CVE‑2026‑45447, is a heap use‑after‑free bug in the PKCS7_verify function that can corrupt memory and, in some deployment scenarios, allow attackers to run arbitrary code on vulnerable systems.
The issue occurs when a signed message contains an empty SignedData.digestAlgorithms ASN.1 SET, which causes OpenSSL to free a BIO object owned by the calling application without that application being aware that the object has been freed.
If the application later reuses or frees the same BIO, it may encounter a use‑after‑free condition that can result in crashes, heap corruption, or controlled exploitation, depending on the allocator’s behavior and how the BIO is managed.
Critical OpenSSL RCE Vulnerabilities
The vulnerability affects applications that use OpenSSL’s PKCS7 APIs to verify PKCS7 or S/MIME signatures. In contrast, those that rely on the CMS APIs for the same functionality are not impacted.
The advisory states that OpenSSL versions 4.0, 3.6, 3.5, 3.4, 3.0, 1.1.1, and 1.0.2 are all vulnerable to CVE‑2026‑45447, and it provides patched releases for each affected branch.
Administrators are urged to upgrade to OpenSSL 4.0.1, 3.6.3, 3.5.7, 3.4.6, or 3.0.21, while customers with extended support for legacy lines should move to 1.1.1zh or 1.0.2zq.
The FIPS modules for 4.0, 3.6, 3.5, 3.4, and 3.0 are not impacted by this particular issue, as the vulnerable code lies outside the FIPS boundary.
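A version check built from the affected branches and fixed releases listed above, as an added example that is not code from the OpenSSL advisory or from this article. The function names and the sample version strings are constructed, and the ordering of legacy letter suffixes (z followed by za, zb, and so on) is an assumption about the 1.x naming scheme.

```python
import re

# Fixed release per affected branch, taken from the article text.
FIXED = {"4.0": "4.0.1", "3.6": "3.6.3", "3.5": "3.5.7", "3.4": "3.4.6",
         "3.0": "3.0.21", "1.1.1": "1.1.1zh", "1.0.2": "1.0.2zq"}

_VER = re.compile(r"\b(\d+)\.(\d+)\.(\d+)([a-z]*)")


def _letter_rank(letters):
    """Order legacy letter suffixes: '' < a < ... < z < za < ... < zz (assumed)."""
    if not letters:
        return 0
    if set(letters[:-1]) - {"z"}:
        raise ValueError(f"unexpected letter suffix: {letters!r}")
    return 26 * (len(letters) - 1) + ord(letters[-1]) - ord("a") + 1


def parse(text):
    """Return (branch, patch_rank) from a version or `openssl version` line."""
    m = _VER.search(text)
    if not m:
        raise ValueError(f"no OpenSSL version found in {text!r}")
    major, minor, patch, letters = int(m[1]), int(m[2]), int(m[3]), m[4]
    if major >= 3:  # 3.x and later: MAJOR.MINOR branch, numeric patch level
        return f"{major}.{minor}", patch
    # 1.x: MAJOR.MINOR.FIX branch, the letter suffix is the patch level
    return f"{major}.{minor}.{patch}", _letter_rank(letters)


def assess(text):
    """Classify a version as 'vulnerable', 'patched' or 'unlisted'."""
    branch, rank = parse(text)
    if branch not in FIXED:
        return "unlisted"  # the article names neither a flaw nor a fix here
    _, fixed_rank = parse(FIXED[branch])
    return "patched" if rank >= fixed_rank else "vulnerable"


if __name__ == "__main__":
    # Constructed sample inputs, not output captured from real hosts.
    for line in ["OpenSSL 3.0.13 30 Jan 2024", "OpenSSL 3.5.7", "1.1.1w",
                 "1.1.1zh", "1.0.2zq", "3.2.1"]:
        print(f"{line:30} {assess(line)}")
```

A distribution package can carry a backported fix under an older upstream version string, so a "vulnerable" result for a packaged build should be confirmed against the vendor's own advisory.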
Alongside the critical PKCS7 bug, the advisory details numerous additional vulnerabilities, ranging from high to moderate severity, targeting different parts of the OpenSSL codebase.
These include weaknesses in CMS AuthEnvelopedData processing that can grant key‑equivalent capabilities or allow an integrity bypass, and QUIC logic flaws that enable denial‑of‑service through memory exhaustion or NULL pointer dereferences.
There is also an AES‑OCB misuse issue where IVs are silently ignored when using the low‑level EVP_Cipher interface, breaking nonce uniqueness and tag authenticity.
The advisory further lists several ASN.1 parsing bugs, PKCS12 PBMAC1 validation issues, CMS password‑based decryption problems, and CMP handling flaws, many of which primarily lead to denial‑of‑service but in some cases may enable more advanced cryptographic attacks.
OpenSSL’s own implementations of protocols and formats such as TLS, QUIC, CMS, PKCS7, HPKE, and S/MIME are affected in different combinations depending on the specific vulnerability, configuration, and feature usage.
However, some of the most dangerous cryptographic weaknesses affect only custom applications that use low‑level EVP primitives or implement bespoke messaging protocols on top of OpenSSL, especially when they fail to enforce strict input validation or rely on error codes as oracles.
The OpenSSL team recommends that organizations not only patch to the latest versions but also audit their use of PKCS7, CMS, QUIC, AES‑OCB, AES‑SIV, and PKCS12 workflows to identify any high‑risk exposure.
Where upgrading is delayed, turn off nonessential features such as OCSP stapling and vulnerable PKCS7‑based paths as an interim hardening step.