CVE-2026-45447
Published: 09 June 2026
Summary
CVE-2026-45447 is a high-severity Use After Free (CWE-416) vulnerability in OpenSSL. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 15.8% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-10 (Information Input Validation).
Deeper analysis
A use-after-free vulnerability exists in OpenSSL when processing specially crafted PKCS#7 or S/MIME signed messages containing an empty ASN.1 SET in the SignedData digestAlgorithms field. During PKCS7_verify(), OpenSSL may incorrectly free a caller-owned BIO, leaving a dangling reference that triggers the flaw on subsequent use by the application. The issue affects any software using the PKCS#7 APIs to handle such messages; CMS API users and the FIPS modules in OpenSSL 3.0 through 4.0 are unaffected. The flaw carries a CVSS score of 9.8 and is tracked as CWE-416.
An unauthenticated remote attacker can supply a malicious PKCS#7 or S/MIME message to trigger the condition. Depending on allocator behavior and the calling application's BIO handling, this may produce a process crash, heap corruption, or remote code execution.
The referenced OpenSSL commits (3aad5eb, 7d4a980, 9dfd688, a541ae8, and c505d75) contain the corrective changes. The current EPSS score of 0.0012 indicates low observed exploitation probability.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-35491
Vulnerability details
Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS#7 or S/MIME signed message, if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may incorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent use of the BIO by the calling application results in a use-after-free condition. In the common case this occurs when the application later calls BIO_free() on the BIO originally passed to PKCS7_verify(). Depending on allocator behavior and application-specific BIO usage patterns, this may result in a crash or other memory corruption. In some application contexts this may potentially be exploitable for remote code execution. Applications that process PKCS#7 or S/MIME signed messages using OpenSSL PKCS#7 APIs may be affected. Applications using the CMS APIs for this processing are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A remote, unauthenticated attacker supplies crafted PKCS#7 or S/MIME input to OpenSSL's PKCS7_verify(), achieving RCE or DoS via the use-after-free in public-facing applications or services that use the API.
Mitigating Controls (NIST 800-53 r5)
- Timely application of the published OpenSSL patches, which eliminate the incorrect BIO free inside PKCS7_verify(), is directly required.
- Memory-protection mechanisms (ASLR, guard pages, allocator hardening) reduce the likelihood that the dangling BIO reference can be turned into RCE.
- Validation of PKCS#7/S/MIME message structure before it reaches the vulnerable OpenSSL parsing code is required.
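As an added example (not part of this advisory and not OpenSSL code), the pre-filter below implements the structural check the input-validation control above calls for: it walks the DER of a PKCS#7 ContentInfo (RFC 2315 layout) and flags signedData whose digestAlgorithms SET is empty, so such input can be refused before it is ever handed to PKCS7_verify(). The signedData OID is the standard one; the two sample headers are constructed and truncated, and an S/MIME body is assumed to have been base64-decoded by the caller.

```python
# Added example: flag PKCS#7 signedData whose digestAlgorithms SET is empty so it
# can be rejected before reaching PKCS7_verify(). Raw DER; S/MIME is decoded first.
SIGNED_DATA_OID = bytes.fromhex("2a864886f70d010702")  # 1.2.840.113549.1.7.2

def read_tlv(buf: bytes, pos: int):
    """Parse one DER TLV at pos; return (tag, value_start, value_end)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag = buf[pos]
    if tag & 0x1F == 0x1F:
        raise ValueError("multi-byte tag not expected in a PKCS#7 header")
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:                       # long-form length, 1..4 bytes
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("indefinite, oversized or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("length runs past end of input")
    return tag, pos, pos + length

def expect(buf: bytes, pos: int, want: int, name: str):
    tag, s, e = read_tlv(buf, pos)
    if tag != want:
        raise ValueError(f"{name}: expected tag {want:#x}, got {tag:#x}")
    return s, e

def digest_algorithms_empty(der: bytes) -> bool:
    """True for signedData with an empty digestAlgorithms SET; False otherwise."""
    s, _ = expect(der, 0, 0x30, "ContentInfo")       # SEQUENCE
    tag, s, e = read_tlv(der, s)                      # contentType OID
    if tag != 0x06 or der[s:e] != SIGNED_DATA_OID:
        return False                                  # not signedData: out of scope
    s, _ = expect(der, e, 0xA0, "content")            # [0] EXPLICIT
    s, _ = expect(der, s, 0x30, "SignedData")         # SEQUENCE
    _, e = expect(der, s, 0x02, "version")            # INTEGER
    s, e = expect(der, e, 0x31, "digestAlgorithms")   # SET OF AlgorithmIdentifier
    return e == s

# Constructed, truncated SignedData headers (not real messages): just enough
# structure for the check above, once with an empty SET and once with sha256.
SHA256_ALG = bytes.fromhex("300d06096086480165030402010500")
def make_header(digest_algs: bytes) -> bytes:
    inner = b"\x02\x01\x01\x31" + bytes([len(digest_algs)]) + digest_algs
    sd = b"\x30" + bytes([len(inner)]) + inner
    body = b"\x06\x09" + SIGNED_DATA_OID + b"\xa0" + bytes([len(sd)]) + sd
    return b"\x30" + bytes([len(body)]) + body

EMPTY_SET_MSG = make_header(b"")       # digest_algorithms_empty -> True: reject
ONE_ALG_MSG = make_header(SHA256_ALG)  # digest_algorithms_empty -> False
```

Malformed or truncated DER raises ValueError rather than returning a verdict, so a caller should treat an exception as a rejection as well.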
Hardening callouts derived
Configuration rules from DISA STIG baselines that reduce the attack surface for weaknesses of the type cited by this CVE. Derived transitively via CVE→CWE→STIG over `controls_xwalks` (authoritative rows only).
Oracle Linux 8 (1 rule)
- V-248592 OL 8 must clear memory when it is freed to prevent use-after-free attacks. via CWE-416
RHEL 8 (1 rule)
- V-230279 RHEL 8 must clear memory when it is freed to prevent use-after-free attacks. via CWE-416
RHEL 9 (1 rule)
- V-257794 RHEL 9 must clear memory when it is freed to prevent use-after-free attacks. via CWE-416