CVE-2026-34054 | Microsoft vcpkg up to 3.6.1#2 OpenSSL uncontrolled search path (GHSA-p322-v6vw-vrq9)

Inserito da Angelo Barbosa | Mar 31, 2026 | CVE

A vulnerability, which was classified as problematic, was found in Microsoft vcpkg up to 3.6.1#2. Affected by this issue is some unknown functionality of the component OpenSSL. The manipulation results in uncontrolled search path.

This vulnerability is known as CVE-2026-34054. Attacking locally is a requirement. No exploit is available.

You should upgrade the affected component.

CVE-2026-34054 | Microsoft vcpkg up to 3.6.1#2 OpenSSL uncontrolled search path (GHSA-p322-v6vw-vrq9)

Post correlati

CVE-2025-32402 | RT-Labs P-Net up to 1.0.1 RPC Packet out-of-bounds write

CVE-2024-43967 | Stark Digital WP Testimonial Widget Plugin up to 3.1 on WordPress cross site scripting

CVE-2025-7947 | jshERP up to 3.5 Account /user/delete ID improper authorization (Issue 124)

CVE-2024-27926 | RSSHub Internal Media Proxy cross site scripting