CVE & CISA-KEV Catalog

CVE-2026-34181

HIGH
7.4
CVSS v3
NVD

Description

Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism allowing a certificate and private key forgery. Impact Summary: An attacker impersonating a user can cause a service reading PKCS#12 files to accept forged certificates and private keys with a 1 in 256 probability. If a service accepting PKCS#12 files is using passwords for authenticating the received files, the attacker can create unencrypted PKCS#12 files that use PBMAC1 authentication that specifies an HMAC key of only one byte, allowing them to craft a file that will be accepted with a 1 in 256 probability. That would then cause the service to accept a certificate and private key controlled by the attacker. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.

How to fix

Remediation Available
opensslDebian
Fixed in:3.5.6-1~deb13u2CVE-2026-34181
Fixed in:3.6.3-1CVE-2026-34181
opensslRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
opensslRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-debuginfoRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-debuginfoRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-debugsourceRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-debugsourceRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-develRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-develRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-libsRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-libsRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-libs-debuginfoRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-libs-debuginfoRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-perlRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-perlRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
registry.redhat.io/discovery/discoveryRocky
Fixed in:server-rhel9@sha256:6a26bc89c61e7fad594399ceda8e170d66fa241d818eada7a12d9fec6bb08ecc_amd64RHSA-2026:29197
Fixed in:ui-rhel9@sha256:16b33ed961e598805d155db8fea7bb293fb8ef95ddd45169c61fbeb5a8944b6b_amd64RHSA-2026:29197
Fixed in:server-rhel9@sha256:ccd969d2710875e82896556e7b3c02e39147d03612452af6b0a916b656ce5b34_arm64RHSA-2026:29197
Fixed in:ui-rhel9@sha256:335f5d49155804969d193c3104fd144d7e499e2d5433965b217f379cbcf1cc75_arm64RHSA-2026:29197
registry.redhat.io/discovery/discoveryRed Hat / RHEL
Fixed in:server-rhel9@sha256:6a26bc89c61e7fad594399ceda8e170d66fa241d818eada7a12d9fec6bb08ecc_amd64RHSA-2026:29197
Fixed in:ui-rhel9@sha256:16b33ed961e598805d155db8fea7bb293fb8ef95ddd45169c61fbeb5a8944b6b_amd64RHSA-2026:29197
Fixed in:server-rhel9@sha256:ccd969d2710875e82896556e7b3c02e39147d03612452af6b0a916b656ce5b34_arm64RHSA-2026:29197
Fixed in:ui-rhel9@sha256:335f5d49155804969d193c3104fd144d7e499e2d5433965b217f379cbcf1cc75_arm64RHSA-2026:29197
registry.redhat.io/rhui5/cdsRocky
Fixed in:kubernetes-rhel9@sha256:2958104c085c46561c9453784a06a36ab12a27e21ba1e732b4b30a092bb58805_amd64RHSA-2026:26319
Fixed in:rhel9@sha256:5c18f8336186fb1c9dbc1e710e91420ca3f5eca92b081cace3325585789f4825_amd64RHSA-2026:26319
registry.redhat.io/rhui5/cdsRed Hat / RHEL
Fixed in:rhel9@sha256:5c18f8336186fb1c9dbc1e710e91420ca3f5eca92b081cace3325585789f4825_amd64RHSA-2026:26319
Fixed in:kubernetes-rhel9@sha256:2958104c085c46561c9453784a06a36ab12a27e21ba1e732b4b30a092bb58805_amd64RHSA-2026:26319
registry.redhat.io/rhui5/haproxyRed Hat / RHEL
Fixed in:rhel9@sha256:66ccfb245bd6461e49aa0c84742710b557b9924baaef38e02904c6fd2f8db0c5_amd64RHSA-2026:26319
registry.redhat.io/rhui5/haproxyRocky
Fixed in:rhel9@sha256:66ccfb245bd6461e49aa0c84742710b557b9924baaef38e02904c6fd2f8db0c5_amd64RHSA-2026:26319
registry.redhat.io/rhui5/installerRocky
Fixed in:rhel9@sha256:4b793b24511377dd18beae2f85792e8b2af0c615837155137a62f65e171ca0d7_amd64RHSA-2026:26319
registry.redhat.io/rhui5/installerRed Hat / RHEL
Fixed in:rhel9@sha256:4b793b24511377dd18beae2f85792e8b2af0c615837155137a62f65e171ca0d7_amd64RHSA-2026:26319
registry.redhat.io/rhui5/rhuaRed Hat / RHEL
Fixed in:rhel9@sha256:a79dde325d7229002a36a0a8ad75ae8c25e96004a9e5f0b90c51fc335460dccf_amd64RHSA-2026:26319
registry.redhat.io/rhui5/rhuaRocky
Fixed in:rhel9@sha256:a79dde325d7229002a36a0a8ad75ae8c25e96004a9e5f0b90c51fc335460dccf_amd64RHSA-2026:26319
libssl3Ubuntu
Fixed in:3.0.2-0ubuntu1.25USN-8414-1
libssl3t64Ubuntu
Fixed in:3.0.13-0ubuntu3.11USN-8414-1
Fixed in:3.5.3-1ubuntu3.4USN-8414-1
opensslUbuntu
Fixed in:3.0.2-0ubuntu1.25USN-8414-1
Fixed in:3.0.13-0ubuntu3.11USN-8414-1
Fixed in:3.5.3-1ubuntu3.4USN-8414-1

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityNone

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploit Intelligence

0.20%probability of exploitation in 30 days
10thpercentile

Low risk: more likely to be exploited than 10% of all known CVEs.

References

Embed a live status badge for CVE-2026-34181
CVE-2026-34181 severity badge

Markdown

[![CVE-2026-34181](https://tridentstack.com/cve/badge/CVE-2026-34181.svg)](https://tridentstack.com/cve/CVE-2026-34181)

HTML

<a href="https://tridentstack.com/cve/CVE-2026-34181"><img src="https://tridentstack.com/cve/badge/CVE-2026-34181.svg" alt="CVE-2026-34181"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-06-15.