CVE search results

11 – 20 of 248 results

Detailed view

Sort by:

CVE-2026-42766

Low priority

Some fixes available 9 of 17

Possible NULL Dereference in Password-Based CMS Decryption

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
edk2	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
nodejs	Not affected	Not affected	Vulnerable	Not affected	Needs evaluation
openssl	Fixed	Fixed	Fixed	Fixed	Fixed
openssl-fips	Not in release	Not in release	Not in release	—	—
openssl1.0	Not in release	Not in release	Not in release	—	Fixed

CVE-2026-42765

Low priority

Vulnerable

NULL Dereference in Certificate Verification with OCSP Checking

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
edk2	Not affected	Not affected	Not affected	Not affected	Not affected
nodejs	Not affected	Not affected	Vulnerable	Not affected	Not affected
openssl	Not affected	Not affected	Not affected	Not affected	Not affected
openssl-fips	Not in release	Not affected	Not affected	—	—
openssl1.0	Not in release	Not in release	Not in release	—	Not affected

CVE-2026-42764

Medium priority

Some fixes available 2 of 4

NULL pointer dereference in QUIC server initial packet handling

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
edk2	Needs evaluation	Not affected	Not affected	Not affected	Not affected
nodejs	Not affected	Not affected	Vulnerable	Not affected	Not affected
openssl	Fixed	Not affected	Not affected	Not affected	Not affected
openssl-fips	Not in release	Not affected	Not affected	—	—
openssl1.0	Not in release	Not in release	Not in release	—	Not affected

CVE-2026-35188

Medium priority

Vulnerable

Double-free When Checking OCSP Stapled Response

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
edk2	Not affected	Not affected	Not affected	Not affected	Not affected
nodejs	Not affected	Not affected	Vulnerable	Not affected	Not affected
openssl	Not affected	Not affected	Not affected	Not affected	Not affected
openssl-fips	Not in release	Not affected	Not affected	—	—
openssl1.0	Not in release	Not in release	Not in release	—	Not affected

CVE-2026-34183

Medium priority

Some fixes available 2 of 5

Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
edk2	Needs evaluation	Not affected	Not affected	Not affected	Not affected
nodejs	Not affected	Not affected	Vulnerable	Not affected	Not affected
openssl	Fixed	Not affected	Not affected	Not affected	Not affected
openssl-fips	Not in release	Not affected	Not affected	—	—
openssl1.0	Not in release	Not in release	Not in release	—	Not affected

CVE-2026-34182

Medium priority

Some fixes available 4 of 8

CMS AuthEnvelopedData Processing May Accept Forged Messages

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
edk2	Needs evaluation	Needs evaluation	Not affected	Not affected	Not affected
nodejs	Not affected	Not affected	Vulnerable	Not affected	Not affected
openssl	Fixed	Fixed	Fixed	Not affected	Not affected
openssl-fips	Not in release	Not in release	Not in release	—	—
openssl1.0	Not in release	Not in release	Not in release	—	Not affected

CVE-2026-34181

Low priority

Some fixes available 2 of 5

PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
edk2	Needs evaluation	Not affected	Not affected	Not affected	Not affected
nodejs	Not affected	Not affected	Vulnerable	Not affected	Not affected
openssl	Fixed	Not affected	Not affected	Not affected	Not affected
openssl-fips	Not in release	Not affected	Not affected	—	—
openssl1.0	Not in release	Not in release	Not in release	—	Not affected

CVE-2026-34180

Low priority

Some fixes available 9 of 17

Heap Buffer Over-read in ASN.1 Content Parsing

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
edk2	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
nodejs	Not affected	Not affected	Vulnerable	Not affected	Needs evaluation
openssl	Fixed	Fixed	Fixed	Fixed	Fixed
openssl-fips	Not in release	Not in release	Not in release	—	—
openssl1.0	Not in release	Not in release	Not in release	—	Fixed

CVE-2026-31790

Medium priority

Some fixes available 4 of 7

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain...

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
edk2	Vulnerable	Vulnerable	Not affected	Not affected	Not affected
nodejs	Not affected	Not affected	Not affected	Not affected	Not affected
openssl	Fixed	Fixed	Fixed	Not affected	Not affected
openssl-fips	Not in release	Not in release	Not in release	—	—
openssl1.0	Not in release	Not in release	Not in release	—	Not affected

CVE-2026-31789

Low priority

Some fixes available 4 of 7

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker...

5 affected packages

edk2, nodejs, openssl, openssl-fips, openssl1.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
edk2	Vulnerable	Vulnerable	Not affected	Not affected	Not affected
nodejs	Not affected	Not affected	Not affected	Not affected	Not affected
openssl	Fixed	Fixed	Fixed	Not affected	Not affected
openssl-fips	Not in release	Not in release	Not in release	—	—
openssl1.0	Not in release	Not in release	Not in release	—	Not affected

Export to JSON

Results by page:

Search CVE reports