CVE & CISA-KEV Catalog

CVE-2026-45446

MEDIUM
4.8
CVSS v3
NVD

Description

Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's application using these ciphers. AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD modes: they accept a key, nonce, optional AAD (bytes that are authenticated but not encrypted), and plaintext, and produces ciphertext plus a 16-byte tag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only if the tag is verified succesfully. In OpenSSL's provider implementation of these ciphers, the expected tag is computed only when decryption function is invoked with non-empty data. If the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without invocation of the ciphertext update, which can happen when the received ciphertext length is zero, the tag is never recalculated and still holds its all-zeros value. When AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty ciphertext, and all-zeros tag passes authentication under any key they do not know, single-shot. When AES-SIV is used, for mounting the attack it's necessary for the application to reuse the decryption context without resetting the key. AES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since OpenSSL 3.2. No protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support either AES-GCM-SIV or AES-SIV. To mount an attack, the applications must implement their own protocol and use the EVP interface. Also they must skip the ciphertext update when a message with an empty ciphertext arrives. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as these algorithms are not FIPS approved and the affected code is outside the OpenSSL FIPS module boundary.

How to fix

Remediation Available
opensslDebian
Fixed in:3.0.20-1~deb12u2CVE-2026-45446
Fixed in:3.5.6-1~deb13u2CVE-2026-45446
Fixed in:3.6.3-1CVE-2026-45446
opensslRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
opensslRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-debuginfoRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-debuginfoRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-debugsourceRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-debugsourceRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-develRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-develRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-libsRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-libsRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-libs-debuginfoRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-libs-debuginfoRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-perlRocky
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
openssl-perlRed Hat / RHEL
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el10_2RHSA-2026:25237
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
Fixed in:1:3.5.5-4.el9_8RHSA-2026:25239
registry.redhat.io/discovery/discoveryRed Hat / RHEL
Fixed in:ui-rhel9@sha256:335f5d49155804969d193c3104fd144d7e499e2d5433965b217f379cbcf1cc75_arm64RHSA-2026:29197
Fixed in:server-rhel9@sha256:6a26bc89c61e7fad594399ceda8e170d66fa241d818eada7a12d9fec6bb08ecc_amd64RHSA-2026:29197
Fixed in:server-rhel9@sha256:ccd969d2710875e82896556e7b3c02e39147d03612452af6b0a916b656ce5b34_arm64RHSA-2026:29197
Fixed in:ui-rhel9@sha256:16b33ed961e598805d155db8fea7bb293fb8ef95ddd45169c61fbeb5a8944b6b_amd64RHSA-2026:29197
registry.redhat.io/discovery/discoveryRocky
Fixed in:server-rhel9@sha256:6a26bc89c61e7fad594399ceda8e170d66fa241d818eada7a12d9fec6bb08ecc_amd64RHSA-2026:29197
Fixed in:ui-rhel9@sha256:16b33ed961e598805d155db8fea7bb293fb8ef95ddd45169c61fbeb5a8944b6b_amd64RHSA-2026:29197
Fixed in:ui-rhel9@sha256:335f5d49155804969d193c3104fd144d7e499e2d5433965b217f379cbcf1cc75_arm64RHSA-2026:29197
Fixed in:server-rhel9@sha256:ccd969d2710875e82896556e7b3c02e39147d03612452af6b0a916b656ce5b34_arm64RHSA-2026:29197
registry.redhat.io/rhui5/cdsRed Hat / RHEL
Fixed in:rhel9@sha256:5c18f8336186fb1c9dbc1e710e91420ca3f5eca92b081cace3325585789f4825_amd64RHSA-2026:26319
Fixed in:kubernetes-rhel9@sha256:2958104c085c46561c9453784a06a36ab12a27e21ba1e732b4b30a092bb58805_amd64RHSA-2026:26319
registry.redhat.io/rhui5/cdsRocky
Fixed in:kubernetes-rhel9@sha256:2958104c085c46561c9453784a06a36ab12a27e21ba1e732b4b30a092bb58805_amd64RHSA-2026:26319
Fixed in:rhel9@sha256:5c18f8336186fb1c9dbc1e710e91420ca3f5eca92b081cace3325585789f4825_amd64RHSA-2026:26319
registry.redhat.io/rhui5/haproxyRed Hat / RHEL
Fixed in:rhel9@sha256:66ccfb245bd6461e49aa0c84742710b557b9924baaef38e02904c6fd2f8db0c5_amd64RHSA-2026:26319
registry.redhat.io/rhui5/haproxyRocky
Fixed in:rhel9@sha256:66ccfb245bd6461e49aa0c84742710b557b9924baaef38e02904c6fd2f8db0c5_amd64RHSA-2026:26319
registry.redhat.io/rhui5/installerRed Hat / RHEL
Fixed in:rhel9@sha256:4b793b24511377dd18beae2f85792e8b2af0c615837155137a62f65e171ca0d7_amd64RHSA-2026:26319
registry.redhat.io/rhui5/installerRocky
Fixed in:rhel9@sha256:4b793b24511377dd18beae2f85792e8b2af0c615837155137a62f65e171ca0d7_amd64RHSA-2026:26319
registry.redhat.io/rhui5/rhuaRed Hat / RHEL
Fixed in:rhel9@sha256:a79dde325d7229002a36a0a8ad75ae8c25e96004a9e5f0b90c51fc335460dccf_amd64RHSA-2026:26319
registry.redhat.io/rhui5/rhuaRocky
Fixed in:rhel9@sha256:a79dde325d7229002a36a0a8ad75ae8c25e96004a9e5f0b90c51fc335460dccf_amd64RHSA-2026:26319
libssl3Ubuntu
Fixed in:3.0.2-0ubuntu1.25USN-8414-1
libssl3t64Ubuntu
Fixed in:3.0.13-0ubuntu3.11USN-8414-1
Fixed in:3.5.3-1ubuntu3.4USN-8414-1
opensslUbuntu
Fixed in:3.0.2-0ubuntu1.25USN-8414-1
Fixed in:3.0.13-0ubuntu3.11USN-8414-1
Fixed in:3.5.3-1ubuntu3.4USN-8414-1

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityLow
IntegrityLow
AvailabilityNone

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Exploit Intelligence

0.21%probability of exploitation in 30 days
11thpercentile

Low risk: more likely to be exploited than 11% of all known CVEs.

References

Embed a live status badge for CVE-2026-45446
CVE-2026-45446 severity badge

Markdown

[![CVE-2026-45446](https://tridentstack.com/cve/badge/CVE-2026-45446.svg)](https://tridentstack.com/cve/CVE-2026-45446)

HTML

<a href="https://tridentstack.com/cve/CVE-2026-45446"><img src="https://tridentstack.com/cve/badge/CVE-2026-45446.svg" alt="CVE-2026-45446"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-06-16.