HIGH
Rust Openssl Project
CVE published 2026-04-24
CVE-2026-41676
The CVE record for CVE-2026-41676 was published on 2026-04-24T18:16:29.120Z. This vulnerability affects Rust-OpenSSL versions between 0.9.27 and before 0.10.78. The vulnerability class is related to the Deriver::derive and PkeyCtxRef::derive functions setting the length of the buffer and passing it to EVP_PKEY_derive, relying on OpenSSL to honor it. However, on OpenSSL 1.1.x, certain functions ignore the [truncated]