CVE-2026-31790 | OpenSSL up to 3.0.19/3.3.6/3.4.4/3.5.5/3.6.1 RSA KEM RSASVE Encapsulation RSA_public_encrypt uninitialized pointer

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability was found in OpenSSL up to 3.0.19/3.3.6/3.4.4/3.5.5/3.6.1. It has been declared as problematic. The affected element is the function RSA_public_encrypt of the component RSA KEM RSASVE Encapsulation. Executing a manipulation can lead to uninitialized pointer.

This vulnerability is registered as CVE-2026-31790. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2026-31790 | OpenSSL up to 3.0.19/3.3.6/3.4.4/3.5.5/3.6.1 RSA KEM RSASVE Encapsulation RSA_public_encrypt uninitialized pointer

Post correlati

CVE-2024-11371 | slimndap Theater Plugin up to 0.18.6.2 on WordPress add_query_arg cross site scripting

CVE-2024-39524 | Juniper Networks Junos OS Evolved prior 22.4R2-EVO CLI os command injection (JSA82975)

CVE-2024-0491 | Huaxia ERP up to 3.1 UserController.java password recovery

CVE-2024-0217 | PackageKitd prior 1.2.7 use after free