CVE-2025-69421 | OpenSSL up to 3.6.0 PKCS#12 PKCS12_item_decrypt_d2i_ex null pointer dereference

Inserito da Angelo Barbosa | Gen 27, 2026 | CVE

A vulnerability was found in OpenSSL up to 3.6.0. It has been classified as problematic. The affected element is the function PKCS12_item_decrypt_d2i_ex of the component PKCS#12 Handler. The manipulation leads to null pointer dereference.

This vulnerability is traded as CVE-2025-69421. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is recommended.

CVE-2025-69421 | OpenSSL up to 3.6.0 PKCS#12 PKCS12_item_decrypt_d2i_ex null pointer dereference

Post correlati

CVE-2025-13790 | Scada-LTS up to 2.7.8.1 cross-site request forgery

CVE-2025-66478 | vercel Next.js React Flight Protocol deserialization

CVE-2025-0480 | wuzhicms 4.1.0 config.php test sphinxhost/sphinxport server-side request forgery

CVE-2024-11691 | Mozilla Thunderbird on macOS Apple GPU Driver memory corruption