CVE-2026-41677 - rust-openssl: Out-of-bounds read in PEM password callback when user callback returns an oversized length
CVE ID :CVE-2026-41677 Published : April 24, 2026, 5:17 p.m. | 39 minutes ago Description :rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the *_from_pem_callback APIs did not validate the length returned by the user's callback. A passwo
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Ransomware groups are using "post-quantum" hype to intimidate victims
- [CYBER] CVE-2026-41433 - OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR
- [CYBER] CVE-2026-41427 - Better Auth OAuth 2.1 Provider: Unprivileged users can register OAuth clients
- [CYBER] CVE-2026-41429 - Improper validation of NBNS name_len in arduino-esp32 NetBIOS leads to memory corruption
- [CYBER] CVE-2026-41428 - Budibase: Authentication Bypass via Unanchored Regex in Public Endpoint Matcher — Unauthenticated Access to Protected Endpoints
- [CYBER] CVE-2026-41907 - uuid: Missing buffer bounds check in `v3`/`v5`/`v6` when `buf` is provided