CVE-2026-35188 (GCVE-0-2026-35188)

Vulnerability from cvelistv5 – Published: 2026-06-09 16:03 – Updated: 2026-06-10 20:02
VLAI
Title
Double-free When Checking OCSP Stapled Response
Summary
Issue summary: A malicious server can exploit TLS OCSP stapling by delivering a crafted response through the status_request extension, triggering a double-free in the client's certificate verification path. Impact summary: Successful exploitation allows an attacker to corrupt heap memory via a double-free, potentially leading to a Denial of Service or possibly an attacker controlled code execution or other undefined behavior. If OCSP stapling is enabled and the TLS client connects to a malicious server, a crafted OCSP stapled response can trigger a double free in the TLS client when the stapled response is checked. The OCSP stapling is not enabled by default. Reliable code execution through a double-free is technically complex and highly environment-dependent but the Denial of Service impact is straightforward to achieve, warranting Moderate severity. No FIPS modules are affected by this issue as the affected code is outside the OpenSSL FIPS module boundary.
Severity
5 (Medium)
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
OpenSSL OpenSSL Affected: 4.0.0 , < 4.0.1 (semver)
Affected: 3.6.0 , < 3.6.3 (semver)
Create a notification for this product.
Date Public
2026-06-09 14:00
Credits
Wang Kenaz (University of Illinois) Guido Vranken (Aisle Research) Aaron Grattafiori (Nvidia) Daniel Kubec
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-35188",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-10T03:59:37.106557Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-10T20:02:41.587Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "lessThan": "4.0.1",
              "status": "affected",
              "version": "4.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.6.3",
              "status": "affected",
              "version": "3.6.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Wang Kenaz (University of Illinois)"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "Guido Vranken (Aisle Research)"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "Aaron Grattafiori (Nvidia)"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Daniel Kubec"
        }
      ],
      "datePublic": "2026-06-09T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Issue summary: A malicious server can exploit TLS OCSP stapling by delivering\u003cbr\u003ea crafted response through the status_request extension, triggering a\u003cbr\u003edouble-free in the client\u0027s certificate verification path.\u003cbr\u003e\u003cbr\u003eImpact summary: Successful exploitation allows an attacker to corrupt heap\u003cbr\u003ememory via a double-free, potentially leading to a Denial of Service or\u003cbr\u003epossibly an attacker controlled code execution or other undefined behavior.\u003cbr\u003e\u003cbr\u003eIf OCSP stapling is enabled and the TLS client connects to a malicious server,\u003cbr\u003ea crafted OCSP stapled response can trigger a double free in the TLS client\u003cbr\u003ewhen the stapled response is checked.\u003cbr\u003e\u003cbr\u003eThe OCSP stapling is not enabled by default. Reliable code execution\u003cbr\u003ethrough a double-free is technically complex and highly environment-dependent\u003cbr\u003ebut the Denial of Service impact is straightforward to achieve, warranting\u003cbr\u003eModerate severity.\u003cbr\u003e\u003cbr\u003eNo FIPS modules are affected by this issue as the affected code is outside\u003cbr\u003ethe OpenSSL FIPS module boundary."
            }
          ],
          "value": "Issue summary: A malicious server can exploit TLS OCSP stapling by delivering\na crafted response through the status_request extension, triggering a\ndouble-free in the client\u0027s certificate verification path.\n\nImpact summary: Successful exploitation allows an attacker to corrupt heap\nmemory via a double-free, potentially leading to a Denial of Service or\npossibly an attacker controlled code execution or other undefined behavior.\n\nIf OCSP stapling is enabled and the TLS client connects to a malicious server,\na crafted OCSP stapled response can trigger a double free in the TLS client\nwhen the stapled response is checked.\n\nThe OCSP stapling is not enabled by default. Reliable code execution\nthrough a double-free is technically complex and highly environment-dependent\nbut the Denial of Service impact is straightforward to achieve, warranting\nModerate severity.\n\nNo FIPS modules are affected by this issue as the affected code is outside\nthe OpenSSL FIPS module boundary."
        }
      ],
      "metrics": [
        {
          "format": "other",
          "other": {
            "content": {
              "text": "Moderate"
            },
            "type": "https://openssl-library.org/policies/general/security-policy/"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-415",
              "description": "CWE-415 Double Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-10T07:47:57.674Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "OpenSSL Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://openssl-library.org/news/secadv/20260609.txt"
        },
        {
          "name": "4.0.1 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/78d0154cffda03aaaac63a087cc523a6b35fa8fd"
        },
        {
          "name": "3.6.3 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/131145d25659e8749a9ed1afb383484854cffb78"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Double-free When Checking OCSP Stapled Response",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2026-35188",
    "datePublished": "2026-06-09T16:03:24.395Z",
    "dateReserved": "2026-04-01T17:36:26.323Z",
    "dateUpdated": "2026-06-10T20:02:41.587Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-35188",
      "date": "2026-06-11",
      "epss": "0.00069",
      "percentile": "0.21262"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-35188\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2026-06-09T17:17:05.437\",\"lastModified\":\"2026-06-10T22:16:56.973\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Issue summary: A malicious server can exploit TLS OCSP stapling by delivering\\na crafted response through the status_request extension, triggering a\\ndouble-free in the client\u0027s certificate verification path.\\n\\nImpact summary: Successful exploitation allows an attacker to corrupt heap\\nmemory via a double-free, potentially leading to a Denial of Service or\\npossibly an attacker controlled code execution or other undefined behavior.\\n\\nIf OCSP stapling is enabled and the TLS client connects to a malicious server,\\na crafted OCSP stapled response can trigger a double free in the TLS client\\nwhen the stapled response is checked.\\n\\nThe OCSP stapling is not enabled by default. Reliable code execution\\nthrough a double-free is technically complex and highly environment-dependent\\nbut the Denial of Service impact is straightforward to achieve, warranting\\nModerate severity.\\n\\nNo FIPS modules are affected by this issue as the affected code is outside\\nthe OpenSSL FIPS module boundary.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.6,\"impactScore\":3.4}]},\"weaknesses\":[{\"source\":\"openssl-security@openssl.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-415\"}]}],\"references\":[{\"url\":\"https://github.com/openssl/openssl/commit/131145d25659e8749a9ed1afb383484854cffb78\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/78d0154cffda03aaaac63a087cc523a6b35fa8fd\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://openssl-library.org/news/secadv/20260609.txt\",\"source\":\"openssl-security@openssl.org\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-35188\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-10T03:59:37.106557Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-10T10:33:35.427Z\"}}], \"cna\": {\"title\": \"Double-free When Checking OCSP Stapled Response\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Wang Kenaz (University of Illinois)\"}, {\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Guido Vranken (Aisle Research)\"}, {\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Aaron Grattafiori (Nvidia)\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Daniel Kubec\"}], \"metrics\": [{\"other\": {\"type\": \"https://openssl-library.org/policies/general/security-policy/\", \"content\": {\"text\": \"Moderate\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.0.0\", \"lessThan\": \"4.0.1\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.6.0\", \"lessThan\": \"3.6.3\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2026-06-09T14:00:00.000Z\", \"references\": [{\"url\": \"https://openssl-library.org/news/secadv/20260609.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/78d0154cffda03aaaac63a087cc523a6b35fa8fd\", \"name\": \"4.0.1 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/131145d25659e8749a9ed1afb383484854cffb78\", \"name\": \"3.6.3 git commit\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Issue summary: A malicious server can exploit TLS OCSP stapling by delivering\\na crafted response through the status_request extension, triggering a\\ndouble-free in the client\u0027s certificate verification path.\\n\\nImpact summary: Successful exploitation allows an attacker to corrupt heap\\nmemory via a double-free, potentially leading to a Denial of Service or\\npossibly an attacker controlled code execution or other undefined behavior.\\n\\nIf OCSP stapling is enabled and the TLS client connects to a malicious server,\\na crafted OCSP stapled response can trigger a double free in the TLS client\\nwhen the stapled response is checked.\\n\\nThe OCSP stapling is not enabled by default. Reliable code execution\\nthrough a double-free is technically complex and highly environment-dependent\\nbut the Denial of Service impact is straightforward to achieve, warranting\\nModerate severity.\\n\\nNo FIPS modules are affected by this issue as the affected code is outside\\nthe OpenSSL FIPS module boundary.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Issue summary: A malicious server can exploit TLS OCSP stapling by delivering\u003cbr\u003ea crafted response through the status_request extension, triggering a\u003cbr\u003edouble-free in the client\u0027s certificate verification path.\u003cbr\u003e\u003cbr\u003eImpact summary: Successful exploitation allows an attacker to corrupt heap\u003cbr\u003ememory via a double-free, potentially leading to a Denial of Service or\u003cbr\u003epossibly an attacker controlled code execution or other undefined behavior.\u003cbr\u003e\u003cbr\u003eIf OCSP stapling is enabled and the TLS client connects to a malicious server,\u003cbr\u003ea crafted OCSP stapled response can trigger a double free in the TLS client\u003cbr\u003ewhen the stapled response is checked.\u003cbr\u003e\u003cbr\u003eThe OCSP stapling is not enabled by default. Reliable code execution\u003cbr\u003ethrough a double-free is technically complex and highly environment-dependent\u003cbr\u003ebut the Denial of Service impact is straightforward to achieve, warranting\u003cbr\u003eModerate severity.\u003cbr\u003e\u003cbr\u003eNo FIPS modules are affected by this issue as the affected code is outside\u003cbr\u003ethe OpenSSL FIPS module boundary.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-415\", \"description\": \"CWE-415 Double Free\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2026-06-10T07:47:57.674Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-35188\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-10T20:02:41.587Z\", \"dateReserved\": \"2026-04-01T17:36:26.323Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2026-06-09T16:03:24.395Z\", \"assignerShortName\": \"openssl\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.