| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-42769 | Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate | OpenSSL | OpenSSL | - | - | 2026-06-09 16:03:29 | Deep Dive |
| CVE-2026-42768 | Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() | OpenSSL | OpenSSL | - | - | 2026-06-09 16:03:28 | Deep Dive |
| CVE-2026-42766 | Possible NULL Dereference in Password-Based CMS Decryption | OpenSSL | OpenSSL | - | - | 2026-06-09 16:03:27 | Deep Dive |
| CVE-2026-42767 | NULL Pointer Dereference in CRMF EncryptedValue Decryption | OpenSSL | OpenSSL | - | - | 2026-06-09 16:03:27 | Deep Dive |
| CVE-2026-42765 | NULL Dereference in Certificate Verification with OCSP Checking | OpenSSL | OpenSSL | - | - | 2026-06-09 16:03:26 | Deep Dive |
| CVE-2026-42764 | NULL Pointer Dereference in QUIC Server Initial Packet Handling | OpenSSL | OpenSSL | - | - | 2026-06-09 16:03:25 | Deep Dive |
| CVE-2026-35188 | Double-free When Checking OCSP Stapled Response | OpenSSL | OpenSSL | - | - | 2026-06-09 16:03:24 | Deep Dive |
| CVE-2026-34183 | Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler | OpenSSL | OpenSSL | - | - | 2026-06-09 16:03:24 | Deep Dive |
| CVE-2026-34182 | CMS AuthEnvelopedData Processing May Accept Forged Messages | OpenSSL | OpenSSL | - | - | 2026-06-09 16:03:23 | Deep Dive |
| CVE-2026-34181 | PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys | OpenSSL | OpenSSL | - | - | 2026-06-09 16:03:22 | Deep Dive |
| CVE-2026-34180 | Heap Buffer Over-read in ASN.1 Content Parsing | OpenSSL | OpenSSL | - | - | 2026-06-09 16:03:17 | Deep Dive |
| CVE-2026-7383 | Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion | OpenSSL | OpenSSL | - | - | 2026-06-09 16:03:16 | Deep Dive |
| CVE-2026-9076 | Out-of-Bounds Read in CMS Password-Based Decryption | OpenSSL | OpenSSL | - | - | 2026-06-09 16:03:16 | Deep Dive |
| CVE-2026-49842🧪 | FreeSWITCH: Pre-authentication bandwidth amplification via `mod_verto` speed-test frames | signalwire | freeswitch | High | 7.5 | 2026-06-09 16:02:58 | Deep Dive |
| CVE-2026-49841🧪 | FreeSWITCH: Pre-authentication heap buffer overflow in `mod_verto` HTTP POST body read | signalwire | freeswitch | Critical | 9.8 | 2026-06-09 16:02:24 | Deep Dive |
| CVE-2026-49840🧪 | FreeSWITCH: Pre-authentication heap buffer overflow in libesl `Content-Length` parsing | signalwire | freeswitch | Critical | 9.1 | 2026-06-09 16:00:57 | Deep Dive |
| CVE-2026-49475🧪 | FreeSWITCH: Out-of-bounds memory access in core STUN attribute parsing | signalwire | freeswitch | High | 7.5 | 2026-06-09 16:00:33 | Deep Dive |
| CVE-2026-49472 | FreeSWITCH includes a vulnerable function, PREFIX(prologTok)() from libexpat | signalwire | freeswitch | Medium | 5.3 | 2026-06-09 15:59:49 | Deep Dive |
| CVE-2026-45771🧪 | Freeswitch Denial-of-Service in SIP PUBLISH Requests via XML Entity Expansion | signalwire | freeswitch | High | 7.5 | 2026-06-09 15:51:49 | Deep Dive |
| CVE-2026-0420 | Missing TLS certificate validation in NETGEAR's ReadyCloud client app | NETGEAR | RAX120v1 | - | - | 2026-06-09 15:50:54 | Deep Dive |