CVE-2026-34054 | Microsoft vcpkg up to 3.6.1#2 OpenSSL uncontrolled search path (GHSA-p322-v6vw-vrq9)

A vulnerability, which was classified as problematic, was found in Microsoft vcpkg up to 3.6.1#2. Affected by this issue is some unknown functionality of the component OpenSSL. The manipulation results in uncontrolled search path.

This vulnerability is known as CVE-2026-34054. Attacking locally is a requirement. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More