In its April 2026 release, OpenSSL has addressed seven vulnerabilities across supported versions. The most notable is CVE-2026-31790, a moderate-severity issue that can expose stale memory contents during RSA-based key encapsulation.

The flaw affects applications that call EVP_PKEY_encapsulate() with an RSA key, i.e. the RSASVE key-encapsulation mechanism. It is triggered when an application derives a shared secret from an attacker-controlled RSA public key without validating that key first; a failed operation on such a key can then lead to unintended data exposure.

According to OpenSSL, the root cause is an incorrect return-value check in the RSA encryption step. RSA_public_encrypt() returns the ciphertext length on success and -1 on failure, but the affected code checked only for a zero return, so -1 was treated as success and the encapsulation continued even though encryption had failed.

The consequence is a data leak rather than a simple failure. When the caller supplies its own ciphertext buffer, the function can report success and a valid output length even though nothing was written into that buffer, which still holds stale or uninitialized memory. Because the ciphertext is exactly what gets sent to the peer, that leftover data may be transmitted to a malicious peer; OpenSSL warns it could include sensitive material from earlier operations, effectively turning a failed cryptographic operation into a data-leakage vulnerability.

The issue affects the 3.0, 3.3, 3.4, 3.5 and 3.6 branches. The older 1.0.2 and 1.1.1 series are unaffected, since the EVP_PKEY_encapsulate() API was only introduced in OpenSSL 3.0. FIPS modules across several of these versions are also affected, which makes the vulnerability particularly relevant for organizations operating in regulated environments.

Beyond upgrading, OpenSSL recommends validating peer-supplied public keys before use: call EVP_PKEY_public_check() or EVP_PKEY_public_check_quick() on a context built from the received key before invoking EVP_PKEY_encapsulate(), and abandon the exchange if the check fails. This matters because exploitation depends on the library accepting an invalid, attacker-controlled key; environments that already enforce strict key validation are therefore at lower risk, though they should still patch.
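The control flow behind the bug and the mitigation, as an added example that is not OpenSSL's code: a self-contained C model with toy 64-bit RSA and no OpenSSL dependency. toy_rsa_public_encrypt() keeps the RSA_public_encrypt() contract (length on success, -1 on failure); encapsulate_buggy() rejects only a zero return, so -1 passes as success and the caller's ciphertext buffer comes back holding whatever it held before; encapsulate_fixed() validates the key first and treats any non-positive return as failure. The names toy_rsa_public_check(), encapsulate_buggy(), encapsulate_fixed(), the toy primes and the stale bytes "PREVSECR" are all constructed for this illustration, and toy_rsa_public_check() only approximates the RSA checks behind EVP_PKEY_public_check(); in real code the validation step is EVP_PKEY_public_check() or EVP_PKEY_public_check_quick() on the peer's key, called before EVP_PKEY_encapsulate().

```c
/*
 * Added example, not OpenSSL code: a dependency-free model of the
 * CVE-2026-31790 bug class.  Only the control flow is meant to be
 * faithful; the RSA arithmetic is toy-sized (64-bit) on purpose.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct { uint64_t n, e; } toy_rsa_pub;
typedef struct { uint64_t n, d; } toy_rsa_priv;

#define CT_LEN 8  /* byte length of n for the toy keys; RSA_size() analogue */

static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m) {
    return (uint64_t)(((unsigned __int128)a * b) % m);
}
static uint64_t powmod(uint64_t b, uint64_t x, uint64_t m) {
    uint64_t r = 1;
    for (b %= m; x; x >>= 1) { if (x & 1) r = mulmod(r, b, m); b = mulmod(b, b, m); }
    return r;
}
/* Modular inverse via extended Euclid; only used to build the demo key. */
static uint64_t modinv(uint64_t a, uint64_t m) {
    __int128 t = 0, nt = 1, r = m, nr = a, q, tmp;
    while (nr) {
        q = r / nr;
        tmp = t - q * nt; t = nt; nt = tmp;
        tmp = r - q * nr; r = nr; nr = tmp;
    }
    return (uint64_t)(t < 0 ? t + m : t);
}

/* Assumed approximation of the RSA checks behind EVP_PKEY_public_check():
 * n and e odd, e strictly between 1 and n, n not degenerate. */
static int toy_rsa_public_check(const toy_rsa_pub *pub) {
    return pub->n > 3 && (pub->n & 1) && (pub->e & 1) && pub->e > 1 && pub->e < pub->n;
}

/* Mirrors the RSA_public_encrypt() contract: bytes written, or -1 on error. */
static int toy_rsa_public_encrypt(const toy_rsa_pub *pub, uint64_t z,
                                  uint8_t *out, size_t outlen) {
    if (outlen < CT_LEN || pub->n < 2 || z >= pub->n) return -1;
    uint64_t c = powmod(z, pub->e, pub->n);
    for (int i = 0; i < CT_LEN; i++) out[i] = (uint8_t)(c >> (56 - 8 * i));
    return CT_LEN;
}

/* RSASVE encapsulation as the affected code did it: only ret == 0 fails. */
int encapsulate_buggy(const toy_rsa_pub *pub, uint64_t z, uint8_t *ct, size_t *ctlen) {
    if (*ctlen < CT_LEN) return 0;
    *ctlen = CT_LEN;                                  /* length reported up front */
    int ret = toy_rsa_public_encrypt(pub, z, ct, CT_LEN);
    if (ret == 0) return 0;                           /* BUG: -1 counts as success */
    return 1;                                         /* ct untouched on failure */
}

/* Hardened: validate the key, accept only a positive return, scrub on failure. */
int encapsulate_fixed(const toy_rsa_pub *pub, uint64_t z, uint8_t *ct, size_t *ctlen) {
    int ret = -1;
    if (toy_rsa_public_check(pub) && *ctlen >= CT_LEN)
        ret = toy_rsa_public_encrypt(pub, z, ct, CT_LEN);
    if (ret <= 0) { memset(ct, 0, *ctlen); *ctlen = 0; return 0; }
    *ctlen = (size_t)ret;
    return 1;
}

/* Decapsulation: z = c^d mod n (in RSASVE the shared secret is z itself). */
uint64_t decapsulate(const toy_rsa_priv *priv, const uint8_t *ct) {
    uint64_t c = 0;
    for (int i = 0; i < CT_LEN; i++) c = (c << 8) | ct[i];
    return powmod(c, priv->d, priv->n);
}

/* 1 if the buggy path reports success on an invalid key and hands back the
 * stale buffer contents: the leak the advisory describes. */
int demo_leak_buggy(void) {
    toy_rsa_pub bad = { 0, 0 };                       /* attacker-supplied junk key */
    uint8_t ct[CT_LEN]; size_t ctlen = sizeof ct;
    memcpy(ct, "PREVSECR", CT_LEN);                   /* constructed stale data */
    return encapsulate_buggy(&bad, 5, ct, &ctlen) == 1 &&
           ctlen == CT_LEN && memcmp(ct, "PREVSECR", CT_LEN) == 0;
}
/* 1 if the fixed path refuses the same key and scrubs the buffer. */
int demo_leak_fixed(void) {
    toy_rsa_pub bad = { 0, 0 };
    uint8_t ct[CT_LEN], zero[CT_LEN] = {0}; size_t ctlen = sizeof ct;
    memcpy(ct, "PREVSECR", CT_LEN);
    return encapsulate_fixed(&bad, 5, ct, &ctlen) == 0 &&
           ctlen == 0 && memcmp(ct, zero, CT_LEN) == 0;
}
/* 1 if a valid toy key round-trips: encapsulate, then decapsulate back to z. */
int demo_roundtrip(void) {
    const uint64_t p = 1000000007ULL, q = 998244353ULL, e = 65537ULL;  /* toy primes */
    toy_rsa_pub pub = { p * q, e };
    toy_rsa_priv priv = { p * q, modinv(e, (p - 1) * (q - 1)) };
    uint64_t z = 0x1234567890ABCDEFULL % pub.n;       /* random in real RSASVE */
    uint8_t ct[CT_LEN]; size_t ctlen = sizeof ct;
    return encapsulate_fixed(&pub, z, ct, &ctlen) == 1 && decapsulate(&priv, ct) == z;
}

int main(void) {
    printf("buggy path leaks stale buffer: %d\n", demo_leak_buggy());
    printf("fixed path refuses bad key:    %d\n", demo_leak_fixed());
    printf("valid key round-trips:         %d\n", demo_roundtrip());
    return 0;
}
```

The two points a reviewer would carry back to real code are the comparison (`ret <= 0`, never `ret == 0`, for any API that signals failure with -1) and the ordering (validate the peer's key before it reaches the encapsulation call, and never hand a caller-supplied buffer back as output on any failure path).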

In addition to CVE-2026-31790, OpenSSL also resolved six low-severity vulnerabilities. These include issues such as an out-of-bounds read in AES-CFB-128 (CVE-2026-28386), a use-after-free bug in DANE configurations (CVE-2026-28387), and multiple NULL dereference flaws affecting CRL and CMS processing. Another vulnerability, CVE-2026-31789, involves a heap buffer overflow during OCTET STRING conversion on 32-bit systems.

Although most of these additional flaws primarily lead to denial-of-service conditions, they underscore a broader concern. In particular, edge-case parsing and improper error handling in cryptographic libraries often introduce exploitable weaknesses. Therefore, applications processing untrusted inputs such as certificates, CRLs, or public keys must be carefully audited.

Moreover, this update highlights that exposure to OpenSSL vulnerabilities extends beyond TLS implementations. Systems such as mail gateways, certificate management tools, and S/MIME services may also be affected. As a result, security teams should conduct comprehensive reviews across all dependent systems.

OpenSSL said CVE-2026-31790 was reported by Simo Sorce of Red Hat on February 23, 2026, and the fix was developed by Nikola Pajkovsky.

In conclusion, organizations running affected versions should prioritize patching immediately. At the same time, they must implement strict public-key validation practices, particularly in environments where external or user-supplied key material interacts with cryptographic APIs.
