CVE-2026-45447 | OpenSSL up to 4.0.0 PKCS7_verify digestAlgorithms use after free

A vulnerability labeled as critical has been found in OpenSSL up to 3.0.20/3.4.5/3.5.6/3.6.2/4.0.0. Affected by this issue is the function PKCS7_verify. The manipulation of the argument digestAlgorithms results in use after free.

This vulnerability is identified as CVE-2026-45447. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More