CVE 9.8 CRITICAL

Heap Use-After-Free in the PKCS7_verify() Function_CVE-2026-45447

June 9, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Issue summary: A specially crafted PKCS#7 or S/MIME signed message could
trigger a use-after-free during PKCS#7 signature verification.

Impact summary: A use-after-free may result in process crashes, heap
corruption, or potentially remote code execution.

When processing a PKCS#7 or S/MIME signed message, if the SignedData
digestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may
incorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent
use of the BIO by the calling application results in a use-after-free
condition.

In the common case this occurs when the application later calls
BIO_free() on the BIO originally passed to PKCS7_verify(). Depending
on allocator behavior and application-specific BIO usage patterns, this
may result in a crash or other memory corruption. In some application
contexts this may potentially be exploitable for remote code execution.

Applications that process PKCS#7 or S/MIME signed messages using OpenSSL
PKCS#7 APIs may be affected. Applications using the CMS APIs for this
processing are not affected.

The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this
issue, as the affected code is outside the OpenSSL FIPS module boundary.

AI Analysis

Heap Use-After-Free in the PKCS7_verify() Function, potentially allowing remote code execution

Basic Information

ID CVE-2026-45447

Source openssl

Published Jun 9, 2026 at 16:03

Modified Jun 9, 2026 at 18:45

Affected Product

Vendor OpenSSL

Product OpenSSL

Version 4.0.0, 3.6.0, 3.5.0, 3.4.0, 3.0.0, 1.1.1, 1.0.2

Affected Versions OpenSSL OpenSSL 4.0.0
OpenSSL OpenSSL 3.6.0
OpenSSL OpenSSL 3.5.0
OpenSSL OpenSSL 3.4.0
OpenSSL OpenSSL 3.0.0
OpenSSL OpenSSL 1.1.1
OpenSSL OpenSSL 1.0.2

CWE Classification

CWE-416

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor OpenSSL

Product OpenSSL

Version 4.0.0, 3.6.0, 3.5.0, 3.4.0, 3.0.0, 1.1.1, 1.0.2

References

{
    "lastseen": "",
    "description": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
    "published": "2026-06-09T16:03:32.914Z",
    "modified": "2026-06-09T18:45:55.205Z",
    "type": "cve",
    "title": "Heap Use-After-Free in the PKCS7_verify() Function",
    "source": "openssl",
    "references": "https://openssl-library.org/news/secadv/20260609.txt\nhttps://github.com/openssl/security/commit/3aad5eb7af4de4ee0633c30a8541a54d9bbde63c\nhttps://github.com/openssl/security/commit/c505d7559da5d5f9f2c3913c6883a5562ce7273e\nhttps://github.com/openssl/security/commit/7d4a980c62258c5910cc883936e0c8dbab4d75a8\nhttps://github.com/openssl/security/commit/a541ae8bfe849a30cc885e8780715c0f488e496c\nhttps://github.com/openssl/security/commit/9dfd688ad2290fc5075cacbc9bf0c9a93eefed54",
    "id": "CVE-2026-45447",
    "bulletinFamily": "",
    "cwe": [
        "CWE-416"
    ],
    "cvelist": null,
    "sourceData": "OpenSSL OpenSSL 4.0.0\nOpenSSL OpenSSL 3.6.0\nOpenSSL OpenSSL 3.5.0\nOpenSSL OpenSSL 3.4.0\nOpenSSL OpenSSL 3.0.0\nOpenSSL OpenSSL 1.1.1\nOpenSSL OpenSSL 1.0.2",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "OpenSSL",
    "version": "4.0.0, 3.6.0, 3.5.0, 3.4.0, 3.0.0, 1.1.1, 1.0.2",
    "vendor": "OpenSSL",
    "ai_description": "Heap Use-After-Free in the PKCS7_verify() Function, potentially allowing remote code execution",
    "ai_severity": "Critical",
    "ai_vendor": "OpenSSL",
    "ai_product": "OpenSSL",
    "ai_version": "4.0.0, 3.6.0, 3.5.0, 3.4.0, 3.0.0, 1.1.1, 1.0.2",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply