VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-8p9v-8ncv-rkg5

Essentials
Severities (18)
References (16)
Severity details (14)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-8p9v-8ncv-rkg5
Aliases	CVE-2026-34180
Summary
Status	Published
Exploitability	0.5
Weighted Severity	6.8
Risk	3.4
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-125	Out-of-bounds Read
CWE-190	Integer Overflow or Wraparound

System	Score	Found at
cvssv3	5.0	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34180.json
epss	0.00059	https://api.first.org/data/v1/epss?cve=CVE-2026-34180
epss	0.00059	https://api.first.org/data/v1/epss?cve=CVE-2026-34180
epss	0.00059	https://api.first.org/data/v1/epss?cve=CVE-2026-34180
epss	0.00059	https://api.first.org/data/v1/epss?cve=CVE-2026-34180
cvssv3.1	3.7	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	7.5	https://github.com/openssl/openssl/commit/1c6908e4fa5fa568752221d8eaf561a809751e5d
ssvc	Track	https://github.com/openssl/openssl/commit/1c6908e4fa5fa568752221d8eaf561a809751e5d
cvssv3.1	7.5	https://github.com/openssl/openssl/commit/cbe418ae978539cf14a398a207dba834c0e93e83
ssvc	Track	https://github.com/openssl/openssl/commit/cbe418ae978539cf14a398a207dba834c0e93e83
cvssv3.1	7.5	https://github.com/openssl/openssl/commit/d93853c42110d6319e3df07842b488cb9f7ac5ff
ssvc	Track	https://github.com/openssl/openssl/commit/d93853c42110d6319e3df07842b488cb9f7ac5ff
cvssv3.1	7.5	https://github.com/openssl/openssl/commit/da5d62af75f69d6fbf7803743d7c56ac75461e43
ssvc	Track	https://github.com/openssl/openssl/commit/da5d62af75f69d6fbf7803743d7c56ac75461e43
cvssv3.1	7.5	https://github.com/openssl/openssl/commit/f696c73c3e61b8c502d040af62e690c060908a16
ssvc	Track	https://github.com/openssl/openssl/commit/f696c73c3e61b8c502d040af62e690c060908a16
cvssv3.1	7.5	https://openssl-library.org/news/secadv/20260609.txt
ssvc	Track	https://openssl-library.org/news/secadv/20260609.txt

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34180.json
		https://api.first.org/data/v1/epss?cve=CVE-2026-34180
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34180
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1139674		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139674
1c6908e4fa5fa568752221d8eaf561a809751e5d		https://github.com/openssl/openssl/commit/1c6908e4fa5fa568752221d8eaf561a809751e5d
20260609.txt		https://openssl-library.org/news/secadv/20260609.txt
2481881		https://bugzilla.redhat.com/show_bug.cgi?id=2481881
cbe418ae978539cf14a398a207dba834c0e93e83		https://github.com/openssl/openssl/commit/cbe418ae978539cf14a398a207dba834c0e93e83
d93853c42110d6319e3df07842b488cb9f7ac5ff		https://github.com/openssl/openssl/commit/d93853c42110d6319e3df07842b488cb9f7ac5ff
da5d62af75f69d6fbf7803743d7c56ac75461e43		https://github.com/openssl/openssl/commit/da5d62af75f69d6fbf7803743d7c56ac75461e43
f696c73c3e61b8c502d040af62e690c060908a16		https://github.com/openssl/openssl/commit/f696c73c3e61b8c502d040af62e690c060908a16
RHSA-2026:25237		https://access.redhat.com/errata/RHSA-2026:25237
RHSA-2026:25239		https://access.redhat.com/errata/RHSA-2026:25239
USN-8414-1		https://usn.ubuntu.com/8414-1/
USN-8414-2		https://usn.ubuntu.com/8414-2/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34180.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/openssl/openssl/commit/1c6908e4fa5fa568752221d8eaf561a809751e5d

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-09T19:00:59Z/ Found at https://github.com/openssl/openssl/commit/1c6908e4fa5fa568752221d8eaf561a809751e5d

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/openssl/openssl/commit/cbe418ae978539cf14a398a207dba834c0e93e83

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-09T19:00:59Z/ Found at https://github.com/openssl/openssl/commit/cbe418ae978539cf14a398a207dba834c0e93e83

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/openssl/openssl/commit/d93853c42110d6319e3df07842b488cb9f7ac5ff

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-09T19:00:59Z/ Found at https://github.com/openssl/openssl/commit/d93853c42110d6319e3df07842b488cb9f7ac5ff

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/openssl/openssl/commit/da5d62af75f69d6fbf7803743d7c56ac75461e43

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-09T19:00:59Z/ Found at https://github.com/openssl/openssl/commit/da5d62af75f69d6fbf7803743d7c56ac75461e43

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/openssl/openssl/commit/f696c73c3e61b8c502d040af62e690c060908a16

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-09T19:00:59Z/ Found at https://github.com/openssl/openssl/commit/f696c73c3e61b8c502d040af62e690c060908a16

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://openssl-library.org/news/secadv/20260609.txt

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-09T19:00:59Z/ Found at https://openssl-library.org/news/secadv/20260609.txt

Exploit Prediction Scoring System (EPSS)

Percentile	0.18698
EPSS Score	0.00059
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-10T18:14:20.924048+00:00	SUSE Severity Score Importer	Import	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml	38.6.0