OpenSSL PKCS7_verify heap use-after-free on empty SignedData.digestAlgorithms (High; fixed 4.0.1/3.6.3/3.5.7/3.4.6/3.0.21) — out-of-window drop this run
cve · CVE-2026-45447
Coverage timeline
2
first 2026-06-13 → last 2026-06-13
Briefs
2
2 distinct
Sources cited
3
3 hosts
Sections touched
0
—
Co-occurring entities
0
no co-occurrence
Story timeline
- 2026-06-15CTI Daily Brief — 2026-06-15
- 2026-06-13CTI Daily Brief — 2026-06-13
Source distribution
- openwall.com1 (33%)
- thehackernews.com1 (33%)
- xbow.com1 (33%)
External references
All cited sources (3)
- openwall.cominlineoss-security, 2026-05-12https://www.openwall.com/lists/oss-security/2026/05/12/4
- thehackernews.cominlineThe Hacker News, 2026-05-12https://thehackernews.com/2026/05/new-exim-bdat-vulnerability-exposes.html
- xbow.cominlineXBOW research, 2026-05-12https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim
Items in briefs about OpenSSL PKCS7_verify heap use-after-free on empty SignedData.digestAlgorithms (High; fixed 4.0.1/3.6.3/3.5.7/3.4.6/3.0.21) — out-of-window drop this run
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.