CVE-2026-41898 - rust-openssl: Unchecked callback-returned length in PSK and cookie generate trampolines can cause OpenSSL to leak adjacent memory to the network peer
CVE ID :CVE-2026-41898 Published : April 24, 2026, 5:20 p.m. | 36 minutes ago Description :rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::set_psk_client_callback, set_psk_server_callback, s
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Ransomware groups are using "post-quantum" hype to intimidate victims
- [CYBER] CVE-2026-41433 - OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR
- [CYBER] CVE-2026-41427 - Better Auth OAuth 2.1 Provider: Unprivileged users can register OAuth clients
- [CYBER] CVE-2026-41429 - Improper validation of NBNS name_len in arduino-esp32 NetBIOS leads to memory corruption
- [CYBER] CVE-2026-41428 - Budibase: Authentication Bypass via Unanchored Regex in Public Endpoint Matcher — Unauthenticated Access to Protected Endpoints
- [CYBER] CVE-2026-41907 - uuid: Missing buffer bounds check in `v3`/`v5`/`v6` when `buf` is provided