A vulnerability, which was classified as critical, has been found in rust-openssl up to 0.10.77. This affects the function EVP_DigestFinal. Performing a manipulation results in stack-based buffer overflow. This vulnerability was named CVE-2026-41681. The attack may be initiated remotely.
| Vendor | Product | Versions |
|---|---|---|
| rust-openssl_project | rust-openssl | rust/openssl: >= 0.10.39, < 0.10.78 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| oracle | oracle linux | cert_advisory | 90% |
Updated severity to CRITICAL, added CVE-2026-41681, and noted that there is no available exploit.
Initial creation