CVE-2026-28387 — Use After Free in OpenSSL
CWE-416 — Use After Free
CWE-1341 — Multiple Releases of Same Resource or Handle
12 documents, 9 sources
Severity: 7.5 HIGH (no vector)
EPSS: 0.0% (top 94.48%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products:
Timeline: Published Apr 7; latest update Apr 9
Description
Issue summary: An uncommon configuration of clients performing DANE TLSA-based
server authentication, when paired with uncommon server DANE TLSA records, may
result in a use-after-free and/or double-free on the client side.
Impact summary: A use after free can have a range of potential consequences
such as the corruption of valid data, crashes or execution of arbitrary code.
However, the issue only affects clients that make use of TLSA records with both
the PKIX-TA(0)/PKIX-EE(1) certificate usa…
Affected Packages: 5 packages
Vulnerability Details (3)
GHSA (2026-04-08): GHSA-h2cc-wx97-xp8v: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA recor…
OSV (2026-04-07): CVE-2026-28387: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA recor…
Vendor Advisories (5)
Threat Intelligence (2)
Community (1)
Bugzilla (2026-03-25): CVE-2026-28387 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication