Cyber Security

OpenSSL 3.6.2 lands with eight CVE fixes

OpenSSL 3.6.2 lands with eight CVE fixes

OpenSSL 3.6.2 patches eight CVEs across a range of components. The project rates the most severe issue in the release as Moderate. What got fixed The release fixes incorrect failure handling in RSA KEM RSASVE encapsulation (CVE-2026-31790) and a loss of key agreement group tuple structure when the DEFAULT keyword is used in server-side configuration of the key-agreement group list (CVE-2026-2673). An out-of-bounds read in AES-CFB-128 on x86-64 CPUs with AVX-512 support (CVE-2026-28386) is also … More

The post OpenSSL 3.6.2 lands with eight CVE fixes appeared first on Help Net Security.

Read More

Related Posts

AI-enabled device code phishing campaign exploits OAuth flow for account takeover

AI-enabled device code phishing campaign exploits OAuth...

RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than Ever

RSAC 2026: How AI Is Reshaping Cybersecurity Faster Tha...

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

Docker CVE-2026-34040 Lets Attackers Bypass Authorizati...

Human vs AI: Debates Shape RSAC 2026 Cybersecurity Trends

Human vs AI: Debates Shape RSAC 2026 Cybersecurity Trends

Storm-1175 Deploys Medusa Ransomware at 'High Velocity'

Storm-1175 Deploys Medusa Ransomware at 'High Velocity'

Cybercriminals move deeper into networks, hiding in edge infrastructure

Cybercriminals move deeper into networks, hiding in edg...