CVE-2026-9076 | OpenSSL up to 4.0.0 kek_unwrap_key out-of-bounds

A vulnerability marked as problematic has been reported in OpenSSL up to 3.0.20/3.4.5/3.5.6/3.6.2/4.0.0. This affects the function kek_unwrap_key. This manipulation causes out-of-bounds read.

This vulnerability is tracked as CVE-2026-9076. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More