Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-dr6n-wkrp-zkhh
Vulnerability ID VCID-dr6n-wkrp-zkhh
Aliases CVE-2026-45445
Summary
Status Published
Exploitability 0.5
Weighted Severity 8.2
Risk 4.1
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-325 Missing Cryptographic Step
CWE-1204 Generation of Weak Initialization Vector (IV)
System Score Found at
cvssv3 9.1 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45445.json
epss 0.00017 https://api.first.org/data/v1/epss?cve=CVE-2026-45445
epss 0.00017 https://api.first.org/data/v1/epss?cve=CVE-2026-45445
epss 0.00017 https://api.first.org/data/v1/epss?cve=CVE-2026-45445
epss 0.0002 https://api.first.org/data/v1/epss?cve=CVE-2026-45445
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 7.5 https://github.com/openssl/openssl/commit/323f0b6e7d530a4cb4336d50c88cb70f3ac2a451
ssvc Track https://github.com/openssl/openssl/commit/323f0b6e7d530a4cb4336d50c88cb70f3ac2a451
cvssv3.1 7.5 https://github.com/openssl/openssl/commit/787a6dfba81b7b09c1e05ab31396c0cd7c36b3f7
ssvc Track https://github.com/openssl/openssl/commit/787a6dfba81b7b09c1e05ab31396c0cd7c36b3f7
cvssv3.1 7.5 https://github.com/openssl/openssl/commit/7ac4715234ee72d9f3c93426a2c08554b5b771af
ssvc Track https://github.com/openssl/openssl/commit/7ac4715234ee72d9f3c93426a2c08554b5b771af
cvssv3.1 7.5 https://github.com/openssl/openssl/commit/843c9b94ca9c2ed248bb30127bb4f3d7af0d607c
ssvc Track https://github.com/openssl/openssl/commit/843c9b94ca9c2ed248bb30127bb4f3d7af0d607c
cvssv3.1 7.5 https://github.com/openssl/openssl/commit/983d54b5cce8d16147548ed1a37892d1720bbab6
ssvc Track https://github.com/openssl/openssl/commit/983d54b5cce8d16147548ed1a37892d1720bbab6
cvssv3.1 7.5 https://openssl-library.org/news/secadv/20260609.txt
ssvc Track https://openssl-library.org/news/secadv/20260609.txt
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45445.json
https://api.first.org/data/v1/epss?cve=CVE-2026-45445
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1139674 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139674
20260609.txt https://openssl-library.org/news/secadv/20260609.txt
2481896 https://bugzilla.redhat.com/show_bug.cgi?id=2481896
323f0b6e7d530a4cb4336d50c88cb70f3ac2a451 https://github.com/openssl/openssl/commit/323f0b6e7d530a4cb4336d50c88cb70f3ac2a451
787a6dfba81b7b09c1e05ab31396c0cd7c36b3f7 https://github.com/openssl/openssl/commit/787a6dfba81b7b09c1e05ab31396c0cd7c36b3f7
7ac4715234ee72d9f3c93426a2c08554b5b771af https://github.com/openssl/openssl/commit/7ac4715234ee72d9f3c93426a2c08554b5b771af
843c9b94ca9c2ed248bb30127bb4f3d7af0d607c https://github.com/openssl/openssl/commit/843c9b94ca9c2ed248bb30127bb4f3d7af0d607c
983d54b5cce8d16147548ed1a37892d1720bbab6 https://github.com/openssl/openssl/commit/983d54b5cce8d16147548ed1a37892d1720bbab6
RHSA-2026:25237 https://access.redhat.com/errata/RHSA-2026:25237
RHSA-2026:25239 https://access.redhat.com/errata/RHSA-2026:25239
USN-8414-1 https://usn.ubuntu.com/8414-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45445.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/openssl/openssl/commit/323f0b6e7d530a4cb4336d50c88cb70f3ac2a451
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-09T19:22:47Z/ Found at https://github.com/openssl/openssl/commit/323f0b6e7d530a4cb4336d50c88cb70f3ac2a451
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/openssl/openssl/commit/787a6dfba81b7b09c1e05ab31396c0cd7c36b3f7
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-09T19:22:47Z/ Found at https://github.com/openssl/openssl/commit/787a6dfba81b7b09c1e05ab31396c0cd7c36b3f7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/openssl/openssl/commit/7ac4715234ee72d9f3c93426a2c08554b5b771af
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-09T19:22:47Z/ Found at https://github.com/openssl/openssl/commit/7ac4715234ee72d9f3c93426a2c08554b5b771af
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/openssl/openssl/commit/843c9b94ca9c2ed248bb30127bb4f3d7af0d607c
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-09T19:22:47Z/ Found at https://github.com/openssl/openssl/commit/843c9b94ca9c2ed248bb30127bb4f3d7af0d607c
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/openssl/openssl/commit/983d54b5cce8d16147548ed1a37892d1720bbab6
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-09T19:22:47Z/ Found at https://github.com/openssl/openssl/commit/983d54b5cce8d16147548ed1a37892d1720bbab6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://openssl-library.org/news/secadv/20260609.txt
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-09T19:22:47Z/ Found at https://openssl-library.org/news/secadv/20260609.txt
Exploit Prediction Scoring System (EPSS)
Percentile 0.04403
EPSS Score 0.00017
Published At June 12, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-10T18:14:43.085436+00:00 SUSE Severity Score Importer Import https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml 38.6.0