CVE-2026-45447: Heap Use-After-Free in the PKCS7_verify() Function
Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification.

Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution.

When processing a PKCS#7 or S/MIME signed message, if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may incorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent use of the BIO by the calling application results in a use-after-free condition. In the common case this occurs when the application later calls BIO_free() on the BIO originally passed to PKCS7_verify(). Depending on allocator behavior and application-specific BIO usage patterns, this may result in a crash or other memory corruption. In some application contexts this may potentially be exploitable for remote code execution.

Applications that process PKCS#7 or S/MIME signed messages using OpenSSL PKCS#7 APIs may be affected. Applications using the CMS APIs for this processing are not affected.

The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.
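The trigger described above is purely structural: a SignedData whose digestAlgorithms SET is empty. A mail gateway or upload scanner can therefore reject such input before it is ever handed to PKCS7_verify(). The following is an added example, not OpenSSL's or HarborGuard's code: a minimal DER walker that checks exactly that condition, together with constructed test vectors. The function and constant names are ours, and the sample messages are skeletons (version, digestAlgorithms, an id-data encapContentInfo, empty signerInfos) that carry no signature and verify nothing.

```python
# Added example, not OpenSSL or HarborGuard code: a DER-level pre-check that
# flags a PKCS#7 ContentInfo whose SignedData.digestAlgorithms is an empty SET,
# the structural condition the advisory names. It inspects framing only and
# verifies nothing; all names and the sample vectors below are ours.

TAG_SEQUENCE, TAG_SET, TAG_INTEGER, TAG_OID, TAG_CTX0 = 0x30, 0x31, 0x02, 0x06, 0xA0


def _read_tlv(buf: bytes, pos: int):
    """Parse one DER tag and definite length at pos; return (tag, value_start, value_end)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, end


def _encode_oid(dotted: str) -> bytes:
    """DER content octets for an OID; DER is canonical, so these bytes can be compared directly."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return bytes(out)


OID_SIGNED_DATA = _encode_oid("1.2.840.113549.1.7.2")   # id-signedData
OID_DATA = _encode_oid("1.2.840.113549.1.7.1")          # id-data


def _next(buf: bytes, pos: int, wanted_tag: int, what: str):
    """Read the TLV at pos, require a tag, and return (value_start, value_end)."""
    tag, start, end = _read_tlv(buf, pos)
    if tag != wanted_tag:
        raise ValueError(f"{what}: expected tag 0x{wanted_tag:02x}, got 0x{tag:02x}")
    return start, end


def has_empty_digest_algorithms(der: bytes) -> bool:
    """True if der is a SignedData ContentInfo whose digestAlgorithms SET is empty.

    ContentInfo ::= SEQUENCE { contentType OID, content [0] EXPLICIT ANY }
    SignedData  ::= SEQUENCE { version INTEGER, digestAlgorithms SET OF ..., ... }
    """
    ci_start, _ = _next(der, 0, TAG_SEQUENCE, "ContentInfo")
    oid_start, oid_end = _next(der, ci_start, TAG_OID, "contentType")
    if der[oid_start:oid_end] != OID_SIGNED_DATA:
        return False                       # not SignedData: the condition cannot apply
    content_start, _ = _next(der, oid_end, TAG_CTX0, "content [0]")
    sd_start, _ = _next(der, content_start, TAG_SEQUENCE, "SignedData")
    _, version_end = _next(der, sd_start, TAG_INTEGER, "version")
    da_start, da_end = _next(der, version_end, TAG_SET, "digestAlgorithms")
    return da_start == da_end


# --- constructed test vectors (parser inputs, not real messages) --------------

def _tlv(tag: int, body: bytes) -> bytes:
    """Encode one DER TLV with a definite length."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body


def _signed_data_sample(digest_algorithms: bytes) -> bytes:
    """SignedData skeleton: version 1, the given digestAlgorithms SET body,
    an id-data encapContentInfo, and an empty signerInfos SET. No signature."""
    signed = _tlv(TAG_SEQUENCE,
                  _tlv(TAG_INTEGER, b"\x01")
                  + _tlv(TAG_SET, digest_algorithms)
                  + _tlv(TAG_SEQUENCE, _tlv(TAG_OID, OID_DATA))
                  + _tlv(TAG_SET, b""))
    return _tlv(TAG_SEQUENCE, _tlv(TAG_OID, OID_SIGNED_DATA) + _tlv(TAG_CTX0, signed))


SHA256_ALGID = _tlv(TAG_SEQUENCE,               # AlgorithmIdentifier { id-sha256, NULL }
                    _tlv(TAG_OID, _encode_oid("2.16.840.1.101.3.4.2.1")) + _tlv(0x05, b""))

SAMPLE_EMPTY_DIGEST_ALGS = _signed_data_sample(b"")            # empty SET: flagged
SAMPLE_SHA256_DIGEST_ALGS = _signed_data_sample(SHA256_ALGID)  # ordinary header: passes
SAMPLE_PLAIN_DATA = _tlv(TAG_SEQUENCE,                         # id-data, not SignedData
                         _tlv(TAG_OID, OID_DATA) + _tlv(TAG_CTX0, _tlv(0x04, b"hi")))
```

For S/MIME input the base64 body must be decoded to DER first; the walker then works on the raw ContentInfo. Any structural error raises ValueError rather than returning False, so a gateway can treat malformed framing and the empty SET the same way (reject and log). The check is a stop-gap for inputs reaching an unpatched build; it complements, and does not replace, upgrading to the fixed release.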
Metrics
- CVSS v3.1: 8.8
- Severity: HIGH
- Fixed in: 1.0.2zq
- Affected Products: 1
HarborGuard Analysis
Synopsis
Heap use-after-free in OpenSSL's PKCS7_verify() function affects OpenSSL versions across the 1.0.2, 1.1.1, 3.0, 3.4, and 3.5 branches. The vulnerability is reachable over the network by any low-privilege authenticated user, requiring no victim interaction, and successful exploitation causes process crashes, heap corruption, or remote code execution. Patched-image rebuilds at versions 1.0.2zq, 1.1.1zh, 3.0.21, 3.4.6, and 3.5.7 are available on HarborGuard for environments running an affected version.
HarborGuard Coverage
Detection is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including custom-built images that bundle an affected OpenSSL version. Any image in a customer registry or CI pipeline carrying a vulnerable OpenSSL build is flagged automatically.
HarborGuard scores this CVE at CVSS 8.8 HIGH and surfaces it accordingly in each environment's findings queue, weighted against the customer's compliance policy to determine urgency. Routing rules direct the finding to the team or inbox the customer has configured for high-severity OpenSSL issues.
A patched-image rebuild against the applicable fix version (1.0.2zq, 1.1.1zh, 3.0.21, 3.4.6, or 3.5.7, depending on the base image branch) is available on HarborGuard for every affected image. For customers with auto-remediation enabled, HarborGuard performs the rebuild, runs a regression test suite, and opens a pull request against the affected workload; median time from CVE publication to merged patch PR for high-severity issues is around 90 minutes in those environments.
Exploit Conditions
- Network reachability: Required
  The vulnerable PKCS7_verify() code path is exposed over the network, so an attacker must be able to deliver a crafted PKCS#7 or S/MIME message to the target service across a network connection.
- Authentication: Required
  The CVSS vector specifies PR:L, meaning any low-privilege account is sufficient; no administrative access is needed to supply a malicious signed message.
- Victim interaction: Not required
  Exploitation is fully attacker-driven: no user action such as clicking a link or opening a file is needed for the vulnerable code path to execute.
- Attack complexity: Low
  Attack complexity is low (AC:L), meaning the exploit is reliable and does not depend on race conditions, specific memory layouts, or other hard-to-control environmental factors.
Blast Radius
- An attacker who triggers the use-after-free can crash the affected process, causing a denial of service for any application relying on that OpenSSL instance.
- Heap corruption from the freed BIO region can allow an attacker to overwrite adjacent memory structures, enabling arbitrary data reads including session tokens, private keys, or plaintext message content.
- In application contexts where allocator behavior is favorable to the attacker, the corrupted heap enables remote code execution within the process, giving the attacker full control over the affected workload.
- Applications using the PKCS#7 APIs (not the CMS APIs) for signature verification are affected; any service that processes inbound S/MIME email or PKCS#7 signed payloads falls within scope.
How HarborGuard Handles This
Available on HarborGuard: detection, triage, and patched-image rebuild for CVE-2026-45447 across all customer environments. Images containing OpenSSL versions below the fix thresholds (1.0.2zq, 1.1.1zh, 3.0.21, 3.4.6, or 3.5.7) are matched and flagged within minutes of the CVE entering upstream feeds. For customers with auto-remediation enabled, HarborGuard rebuilds the image at the correct fix branch, runs the configured regression suite, and opens a pull request against affected workloads; for high-severity issues the median time from publication to merged patch PR is around 90 minutes. Where compliance policy requires manual approval before remediation, the finding is routed to the designated inbox with full CVSS context and affected-image inventory so the responsible team can act immediately. Note that the FIPS modules in OpenSSL 3.0, 3.4, 3.5, 3.6, and 4.0 are not affected by this issue; HarborGuard triage annotations reflect this scope distinction where image metadata makes the FIPS boundary identifiable.
Fix available
- OpenSSL / OpenSSL: < 4.0.1 (from 4.0.0) · < 3.6.3 (from 3.6.0) · < 3.5.7 (from 3.5.0) · < 3.4.6 (from 3.4.0) · < 3.0.21 (from 3.0.0) · < 1.1.1zh (from 1.1.1)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
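Matching an image's OpenSSL build against the ranges above needs two version schemes: the 1.x branches use letter suffixes (1.1.1w precedes 1.1.1za, which precedes 1.1.1zh), while 3.x and 4.x use a numeric patch level. The following is an added example, not HarborGuard's matcher: it classifies a version string as affected, fixed, or on a branch this advisory does not list, and runs that over a constructed inventory. The branch thresholds come from the "Fix available" list and the "Fixed in" field on this page; the inventory entries and function names are ours.

```python
# Added example, not HarborGuard's matcher: classify an OpenSSL version string
# against the fix thresholds listed on this page. Thresholds are taken from the
# page ("Fix available" list; 1.0.2zq from the "Fixed in" field).
import re

FIX_VERSIONS = {
    "1.0.2": "1.0.2zq", "1.1.1": "1.1.1zh", "3.0": "3.0.21",
    "3.4": "3.4.6", "3.5": "3.5.7", "3.6": "3.6.3", "4.0": "4.0.1",
}

# Accepts "3.0.20", "1.1.1w", or the leading part of `openssl version` output.
_VERSION_RE = re.compile(r"(?:OpenSSL\s+)?(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_version(text: str):
    """Return (branch, sortable patch key).

    1.x releases are letter-suffixed and the suffix grows past 'z' into 'za',
    'zb', ..., so the key orders by suffix length first, then lexically.
    3.x and later use a numeric patch level within a major.minor branch.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised OpenSSL version: {text!r}")
    major, minor, patch, letters = int(m[1]), int(m[2]), int(m[3]), m[4]
    if major < 3:
        return f"{major}.{minor}.{patch}", (len(letters), letters)
    return f"{major}.{minor}", (patch,)


def assess(text: str):
    """Return ('affected' | 'fixed' | 'unlisted', fix_version_or_None)."""
    branch, key = parse_version(text)
    fix = FIX_VERSIONS.get(branch)
    if fix is None:
        return "unlisted", None           # branch not in this advisory's ranges
    _, fix_key = parse_version(fix)
    return ("affected" if key < fix_key else "fixed"), fix


# Constructed inventory (not real images): image -> OpenSSL version found in it.
SAMPLE_INVENTORY = {
    "registry.example/api:2.3":    "OpenSSL 3.0.20 (constructed)",
    "registry.example/mailgw:1.9": "OpenSSL 1.1.1w",
    "registry.example/batch:7":    "OpenSSL 3.5.7",
    "registry.example/legacy:0.4": "OpenSSL 3.2.4",
}


def flag_affected(inventory: dict) -> list:
    """Image names whose OpenSSL version falls below the fix threshold for its branch."""
    return sorted(image for image, version in inventory.items()
                  if assess(version)[0] == "affected")


def needs_review(inventory: dict) -> list:
    """Images on branches the advisory does not list; neither cleared nor flagged."""
    return sorted(image for image, version in inventory.items()
                  if assess(version)[0] == "unlisted")
```

Branches absent from the page's list (3.2 in the sample inventory) are reported as unlisted rather than fixed, so a reviewer decides rather than the matcher silently clearing them. Where an image reports its OpenSSL version only through the distribution package manager, the distro's backported package version is what matters, and this upstream-version comparison does not apply.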