Login Sign Up

CVE-2026-22796

5.3 MEDIUM
Denial of Service

📋 TL;DR

A type confusion vulnerability in OpenSSL's PKCS#7 signature verification allows attackers to cause denial of service by providing malformed signed PKCS#7 data. Applications that verify PKCS#7 signatures or call PKCS7_digest_from_attributes() directly are affected. This is a low severity issue primarily impacting legacy PKCS#7 API usage.

💻 Affected Systems

Products:
  • OpenSSL
Versions: OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1, 1.0.2
Operating Systems: All operating systems using affected OpenSSL versions
Default Config Vulnerable: ⚠️ Yes
Notes: FIPS modules in 3.5, 3.4, 3.3 and 3.0 are NOT affected. Only applications using PKCS#7 API (legacy) are vulnerable, not those using CMS API.

📦 What is this software?

Openssl by Openssl

OpenSSL is a robust, commercial-grade toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It provides cryptographic functions and is one of the most widely used libraries for implementing secure communications in applications worldwide.

Learn more about Openssl →

Openssl by Openssl

OpenSSL is a robust, commercial-grade toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It provides cryptographic functions and is one of the most widely used libraries for implementing secure communications in applications worldwide.

Learn more about Openssl →

Openssl by Openssl

OpenSSL is a robust, commercial-grade toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It provides cryptographic functions and is one of the most widely used libraries for implementing secure communications in applications worldwide.

Learn more about Openssl →

Openssl by Openssl

OpenSSL is a robust, commercial-grade toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It provides cryptographic functions and is one of the most widely used libraries for implementing secure communications in applications worldwide.

Learn more about Openssl →

Openssl by Openssl

OpenSSL is a robust, commercial-grade toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It provides cryptographic functions and is one of the most widely used libraries for implementing secure communications in applications worldwide.

Learn more about Openssl →

Openssl by Openssl

OpenSSL is a robust, commercial-grade toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It provides cryptographic functions and is one of the most widely used libraries for implementing secure communications in applications worldwide.

Learn more about Openssl →

Openssl by Openssl

OpenSSL is a robust, commercial-grade toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It provides cryptographic functions and is one of the most widely used libraries for implementing secure communications in applications worldwide.

Learn more about Openssl →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Application crash leading to denial of service for services relying on PKCS#7 signature verification

🟠

Likely Case

Application crash when processing malicious PKCS#7 data, requiring restart

🟢

If Mitigated

No impact if using CMS API instead of legacy PKCS#7 API or if FIPS modules are used

🌐 Internet-Facing: LOW
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires attacker to provide malformed signed PKCS#7 data to vulnerable application. Only causes DoS, not code execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in OpenSSL via commits referenced in CVE

Vendor Advisory: https://github.com/openssl/openssl/commits

Restart Required: Yes

Instructions:

1. Update OpenSSL to patched version 2. Restart affected applications 3. Verify fix with version check

🔧 Temporary Workarounds

Migrate to CMS API

all

Replace PKCS#7 API usage with CMS API as recommended by OpenSSL

Input validation

all

Implement strict validation of PKCS#7 data before processing

🧯 If You Can't Patch

  • Disable PKCS#7 signature verification in affected applications
  • Implement network filtering to block PKCS#7 data from untrusted sources

🔍 How to Verify

Check if Vulnerable:

Check OpenSSL version with 'openssl version' and compare against affected versions

Check Version:

openssl version

Verify Fix Applied:

Verify OpenSSL version is updated beyond vulnerable versions and test PKCS#7 processing

📡 Detection & Monitoring

Log Indicators:

  • Application crashes during PKCS#7 processing
  • Segmentation faults in OpenSSL-related processes

Network Indicators:

  • Incoming PKCS#7 data to signature verification endpoints

SIEM Query:

Process crashes with OpenSSL library in stack trace OR network traffic containing PKCS#7 signatures

📊 Metadata

CVE ID: CVE-2026-22796
CVSS v3 Score: 5.3 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CWE: CWE-754
EPSS Score: 0.07% exploit probability (21.5th percentile)
Published: January 27, 2026
Last Updated: February 2, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2026-22796, you might also want to check these:

CVE-2026-24054 10.0

A vulnerability in Kata Containers allows malformed container images with no layers to cause the hos...

Same vulnerability type (CWE-754)
CVE-2021-0211 10.0

This vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows attackers to send specia...

Same vulnerability type (CWE-754)
CVE-2024-3729 9.8

This vulnerability in the Frontend Admin WordPress plugin allows unauthenticated attackers to manipu...

Same vulnerability type (CWE-754)