
CVE-2026-28386

Severity: High (CVSS v3.1 base score 7.5, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Published: 07 April 2026
Modified: 24 April 2026
KEV Added: not listed in the CISA KEV catalog
Patch: available (OpenSSL commit 61f428a2fc6671ede184a19f71e6e495f0689621)
EPSS Score: 0.0031 (23.1st percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-28386 is an Out-of-bounds Read (CWE-125) vulnerability in OpenSSL. The CVSS v3.1 base score recorded here is 7.5 (High); the OpenSSL project itself rates the issue Low under its own security policy because of the narrow preconditions described below.

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). EPSS ranks it at the 23.1st percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-28386 is an out-of-bounds read in the OpenSSL FIPS module at version 3.6 (this page lists openssl 3.6.0 through 3.6.2 as the affected range). It is reached only by applications performing AES-CFB128 encryption or decryption on x86-64 systems with AVX-512 and VAES instruction support, and only when processing partial cipher blocks: a previous call left an incomplete 16-byte block and the current call provides fewer bytes than are needed to complete it. In that state the affected code over-reads up to 15 bytes past the end of the input buffer. Other architectures, and x86-64 systems without VAES, use different code paths and are unaffected. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is classified under CWE-125 (Out-of-bounds Read).

The CVSS vector treats the attacker as remote and unauthenticated, but what an attacker actually controls is the sequence of input lengths fed to the cipher (for example through a protocol that lets them choose message sizes), not where the application's allocator places the input buffer. The over-read only faults when the buffer ends at a memory page boundary and the following page is unmapped; then the affected process crashes, which is the denial-of-service (DoS) condition. There is no information disclosure, because the over-read bytes are never propagated to output. Exploitation therefore needs an application that uses AES-CFB128 with a partial-block call pattern and a memory layout that happens to place the buffer at the end of a mapping, and CFB mode is not used by TLS/DTLS, which rely on CBC, GCM, CCM, or ChaCha20-Poly1305.
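The partial-block condition above is easier to reason about with a model of the state CFB128 carries between calls. The following is an added example, not code from the OpenSSL project or from this page: a pure-Python CFB128 that keeps the same shift register and `num` counter OpenSSL's `CRYPTO_cfb128_encrypt` keeps, plus a length-only function that reports which calls in a chunking sequence hit the affected path. CFB only ever uses the block cipher's forward direction, so a 16-byte keyed function is enough to exercise the mode; the SHA-256 stand-in below is not AES and is an assumption made so the example runs with no dependencies. The key, IV and message are constructed sample inputs.

```python
# Added example (not code from the OpenSSL project or from this page): a pure-Python
# model of CFB128 streaming that makes the advisory's "partial block" condition
# concrete. CFB only calls the block cipher in its forward direction, so a 16-byte
# keyed function is enough to exercise the mode's bookkeeping; the SHA-256
# stand-in below is NOT AES and is used only so the example runs dependency-free.
import hashlib

BLOCK = 16


def block_fn(key: bytes, block: bytes) -> bytes:
    """Stand-in for AES_encrypt(key, block): keyed PRF truncated to one block."""
    assert len(block) == BLOCK
    return hashlib.sha256(b"cfb-demo|" + key + b"|" + block).digest()[:BLOCK]


class CFB128:
    """Streaming CFB128 with the same state OpenSSL's CRYPTO_cfb128_encrypt keeps:
    a 16-byte shift register (iv) and num, the number of keystream bytes of the
    current block already consumed (0..15). num != 0 after a call is the
    'incomplete block' the advisory talks about."""

    def __init__(self, key: bytes, iv: bytes, encrypt: bool):
        assert len(iv) == BLOCK
        self.key, self.iv, self.encrypt = key, bytearray(iv), encrypt
        self.num, self.keystream = 0, b""

    def _crypt(self, chunk: bytes) -> bytes:
        # Caller guarantees chunk does not cross a block boundary.
        if self.num == 0:
            self.keystream = block_fn(self.key, bytes(self.iv))
        ks = self.keystream[self.num:self.num + len(chunk)]
        out = bytes(a ^ b for a, b in zip(chunk, ks))
        # Both directions feed ciphertext back into the shift register.
        self.iv[self.num:self.num + len(chunk)] = out if self.encrypt else chunk
        self.num = (self.num + len(chunk)) % BLOCK
        return out

    def update(self, data: bytes) -> bytes:
        out, pos, n = bytearray(), 0, len(data)
        # 1. Finish the block a previous call left incomplete. When n < BLOCK - num
        #    this call cannot complete it: that is exactly the path where the
        #    affected OpenSSL AVX-512/VAES code over-read past data[n-1]. A
        #    correct implementation reads only data[:take].
        if self.num:
            take = min(n, BLOCK - self.num)
            out += self._crypt(data[:take])
            pos = take
        # 2. Whole blocks.
        while n - pos >= BLOCK:
            out += self._crypt(data[pos:pos + BLOCK])
            pos += BLOCK
        # 3. Trailing partial block; leaves num != 0 for the next call.
        if pos < n:
            out += self._crypt(data[pos:])
        return bytes(out)


def partial_block_calls(chunk_sizes):
    """Indexes of update() calls that hit the advisory's condition: the previous
    call left an incomplete block and this call supplies fewer bytes than needed
    to complete it. Pure length arithmetic, so it can be run over a trace of
    EVP_CipherUpdate lengths from an application without the data itself."""
    hits, num = [], 0
    for i, n in enumerate(chunk_sizes):
        if num and n < BLOCK - num:
            hits.append(i)
        num = (num + n) % BLOCK
    return hits


def run_stream(key: bytes, iv: bytes, data: bytes, chunk_sizes, encrypt: bool) -> bytes:
    assert sum(chunk_sizes) == len(data)
    ctx, out, pos = CFB128(key, iv, encrypt), b"", 0
    for sz in chunk_sizes:
        out += ctx.update(data[pos:pos + sz])
        pos += sz
    return out


def stream_matches_oneshot(key: bytes, iv: bytes, msg: bytes, chunk_sizes) -> bool:
    """Streamed encryption under any chunking must equal one-shot encryption and
    must decrypt back to msg: the property a patched build's test vectors should
    hold for chunkings that exercise the partial-block path."""
    streamed = run_stream(key, iv, msg, chunk_sizes, encrypt=True)
    oneshot = CFB128(key, iv, encrypt=True).update(msg)
    return streamed == oneshot and run_stream(key, iv, streamed, chunk_sizes, encrypt=False) == msg


if __name__ == "__main__":
    # Constructed sample inputs (not test vectors from any standard).
    key, iv, msg = b"k" * 16, bytes(range(16)), bytes(range(30))
    sizes = [5, 3, 20, 2]
    print("calls hitting the partial-block path:", partial_block_calls(sizes))
    print("stream == one-shot and round-trips:", stream_matches_oneshot(key, iv, msg, sizes))
```

With the chunking `[5, 3, 20, 2]`, calls 1 and 3 are the ones that arrive with fewer bytes than the open block needs; a trace of update lengths from a real application can be fed to `partial_block_calls` to see whether its traffic pattern ever reaches the affected path at all.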

OpenSSL's security advisory (https://openssl-library.org/news/secadv/20260407.txt) details the issue and rates it Low severity under the project's security policy because of these narrow preconditions. The fix is commit 61f428a2fc6671ede184a19f71e6e495f0689621 (https://github.com/openssl/openssl/commit/61f428a2fc6671ede184a19f71e6e495f0689621); apply it, or a release that contains it, to affected OpenSSL FIPS 3.6 deployments.


Vulnerability details

Text of the OpenSSL security advisory of 7 April 2026:

Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks.

Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped.

There is no information disclosure as the over-read bytes are not written to output. The vulnerable code path is only reached when processing partial blocks (when a previous call left an incomplete block and the current call provides fewer bytes than needed to complete it). Additionally, the input buffer must be positioned at a page boundary with the following page unmapped. CFB mode is not used in TLS/DTLS protocols, which use CBC, GCM, CCM, or ChaCha20-Poly1305 instead. For these reasons the issue was assessed as Low severity according to our Security Policy.

Only x86-64 systems with AVX-512 and VAES instruction support are affected. Other architectures and systems without VAES support use different code paths that are not affected.

OpenSSL FIPS module in 3.6 version is affected by this issue.

CWE(s)

CWE-125 Out-of-bounds Read

Related Threats

MITRE ATT&CK Enterprise Techniques

T1499.004 Application or System Exploitation (tactic: Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

The out-of-bounds read in OpenSSL's AES-CFB128 partial-block processing lets an attacker who controls input lengths crash the application, provided the over-read crosses into an unmapped page; that is the application-level denial of service T1499.004 describes.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-42771 (same product: OpenSSL)
CVE-2026-9076 (same product: OpenSSL)
CVE-2026-34180 (same product: OpenSSL)
CVE-2026-42767 (same product: OpenSSL)
CVE-2025-69421 (same product: OpenSSL)
CVE-2022-4203 (same product: OpenSSL)
CVE-2026-42766 (same product: OpenSSL)
CVE-2026-42764 (same product: OpenSSL)
CVE-2026-42765 (same product: OpenSSL)
CVE-2026-22796 (same product: OpenSSL)

Affected Assets

Vendor: openssl
Product: openssl
Versions: 3.6.0 through 3.6.2

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent): directly addresses the CVE by requiring timely application of the OpenSSL fix (commit 61f428a2fc6671ede184a19f71e6e495f0689621), or of a release that contains it, to remediate the out-of-bounds read in AES-CFB128 partial-block processing. This is the only control that removes the bug.

Memory protection (prevent): memory protection mechanisms such as guard pages or bounds checking are listed as mitigations, but the distinction matters here. A guard page after the input buffer does not stop the over-read; an unmapped page immediately after the buffer is precisely the condition under which the over-read faults, so hardened allocators that place guard pages after allocations make the crash more reproducible, not less. Correcting the partial-block code, which is what the fix does, is the effective prevention. Where patching has to wait, the OPENSSL_ia32cap environment variable (see the OPENSSL_ia32cap(3) manual page for the bit layout) can mask the CPU capability bits OpenSSL uses to select the AVX-512/VAES implementation, so that the unaffected generic code path runs instead; this stop-gap is an OpenSSL feature and is not something the advisory text reproduced above recommends.

RA-5 Vulnerability Monitoring and Scanning (detect): periodic vulnerability scanning identifies systems running the affected OpenSSL FIPS module 3.6 builds. Version-only scanning over-reports, since a host is exposed only if it also has AVX-512 and VAES and runs an application that uses AES-CFB128; pair the scan with a CPU-capability check and an inventory of cipher usage.
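As an added example of the host-side part of that check, not code from this page or from the OpenSSL project: the script below reduces the advisory's preconditions to two pieces of text a scanner can collect from a host, the `flags` line of /proc/cpuinfo and the output of `openssl list -providers`. It reads the FIPS provider's own version line rather than `openssl version`, because a FIPS module can be a different build from the libcrypto it is loaded into. The sample inputs are constructed, the affected range is the one listed under Affected Assets, and the flag set {avx512f, vaes} is taken as the coarse condition the advisory states; whether the application actually uses AES-CFB128 still has to come from code review or configuration.

```python
# Added example (not from this page or the OpenSSL project): an offline exposure
# check that reduces the advisory's preconditions for CVE-2026-28386 to text you can
# collect from a host: the CPU flags line from /proc/cpuinfo and the provider
# listing from `openssl list -providers`. The FIPS provider's own version line is
# what matters, since a FIPS module can be a different build from the libcrypto it
# is loaded into. Sample inputs below are constructed; the affected range is the
# one this page lists (3.6.0 through 3.6.2).
import re

AFFECTED_MIN, AFFECTED_MAX = (3, 6, 0), (3, 6, 2)


def cpu_selects_vaes_path(cpuinfo_flags_line: str) -> bool:
    """True when the CPU advertises both AVX-512 and VAES, the coarse condition the
    advisory gives for reaching the affected code. Collect the line inside the VM
    or container that runs OpenSSL; hypervisors may mask these flags."""
    flags = set(cpuinfo_flags_line.split(":", 1)[-1].split())
    return {"avx512f", "vaes"} <= flags


def parse_version(text: str):
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(g) for g in m.groups()) if m else None


def active_fips_provider_version(list_providers_output: str):
    """Version of an active 'fips' provider from `openssl list -providers` output,
    or None. Provider identifiers are the lines without a colon; their
    name/version/status fields follow, indented."""
    current, version, status = None, None, None
    for raw in list_providers_output.splitlines():
        line = raw.strip()
        if not line or line == "Providers:":
            continue
        if ":" not in line:
            current = line
        elif current == "fips":
            field, _, value = line.partition(":")
            if field.strip() == "version":
                version = parse_version(value)
            elif field.strip() == "status":
                status = value.strip()
    return version if status == "active" else None


def assess(cpuinfo_flags_line: str, list_providers_output: str) -> dict:
    fips = active_fips_provider_version(list_providers_output)
    result = {
        "vaes_path": cpu_selects_vaes_path(cpuinfo_flags_line),
        "fips_version": fips,
        "fips_in_affected_range": fips is not None and AFFECTED_MIN <= fips <= AFFECTED_MAX,
    }
    # Both host conditions must hold; AES-CFB128 usage by the application is the
    # remaining condition and has to come from code review or configuration.
    result["exposed"] = result["vaes_path"] and result["fips_in_affected_range"]
    return result


# Constructed samples standing in for real command output.
SAMPLE_CPUINFO = "flags\t\t: fpu vme sse4_2 avx2 avx512f avx512bw vaes vpclmulqdq"
SAMPLE_PROVIDERS = """Providers:
  default
    name: OpenSSL Default Provider
    version: 3.6.1
    status: active
  fips
    name: OpenSSL FIPS Provider
    version: 3.6.1
    status: active
"""

if __name__ == "__main__":
    print(assess(SAMPLE_CPUINFO, SAMPLE_PROVIDERS))
```

Feed it `grep -m1 ^flags /proc/cpuinfo` and `openssl list -providers` captured on the target, and treat `exposed: True` as "candidate for the cipher-usage review", not as confirmed vulnerability.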
