OCaml CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

Review OCaml CVE published 2026-06-15

CVE-2026-45389

A vulnerability was discovered in OCaml-TLS before version 2.1.0. The server implementation performs insufficient checks on the certificate provided by the client during client authentication. This flaw allows for impersonation using certificates that are not intended for client authentication, due to improper validation of KeyUsage and ExtendedKeyUsage.

HIGH OCaml CVE published 2026-04-16

CVE-2026-41082

CVE-2026-41082 is a HIGH-severity vulnerability in OCaml opam, a package manager for OCaml. The vulnerability allows a .install field to use ../ to reach a parent directory, potentially leading to security issues.