VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-87vs-4p6w-xbgq

Essentials
Severities (13)
References (12)
Severity details (8)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-87vs-4p6w-xbgq
Aliases	CVE-2026-31789
Summary
Status	Published
Exploitability	0.5
Weighted Severity	3.6
Risk	1.8
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-190	Integer Overflow or Wraparound
CWE-787	Out-of-bounds Write

System	Score	Found at
cvssv3	5.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31789.json
epss	0.00011	https://api.first.org/data/v1/epss?cve=CVE-2026-31789
epss	0.00011	https://api.first.org/data/v1/epss?cve=CVE-2026-31789
epss	0.00012	https://api.first.org/data/v1/epss?cve=CVE-2026-31789
epss	9e-05	https://api.first.org/data/v1/epss?cve=CVE-2026-31789
epss	9e-05	https://api.first.org/data/v1/epss?cve=CVE-2026-31789
cvssv3.1	7.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde
ssvc	Track	https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf
ssvc	Track	https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49
ssvc	Track	https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9
ssvc	Track	https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521
ssvc	Track	https://openssl-library.org/news/secadv/20260407.txt

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31789.json
		https://api.first.org/data/v1/epss?cve=CVE-2026-31789
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31789
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
20260407.txt		https://openssl-library.org/news/secadv/20260407.txt
2451095		https://bugzilla.redhat.com/show_bug.cgi?id=2451095
364f095b80601db632b0def6a33316967f863bde		https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde
7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf		https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf
945b935ac66cc7f1a41f1b849c7c25adb5351f49		https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49
a24216018e1ede8ff01a4ff5afff7dfbd443e2f9		https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9
a91e537d16d74050dbde50bb0dfb1fe9930f0521		https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521
USN-8155-1		https://usn.ubuntu.com/8155-1/

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31789.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/ Found at https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/ Found at https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/ Found at https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/ Found at https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/ Found at https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/ Found at https://openssl-library.org/news/secadv/20260407.txt

Exploit Prediction Scoring System (EPSS)

Percentile	0.01203
EPSS Score	0.00011
Published At	April 8, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-02T12:44:17.494286+00:00	SUSE Severity Score Importer	Import	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml	38.0.0