cbcvebase.
CVE-2026-32283
published 2026-04-08

CVE-2026-32283: If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled…

PriorityP343high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.62%
45.3th percentile
If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.

Affected

115 ranges· showing 25
VendorProductVersion rangeFixed in
3scale-amp23scale-rhel7-operator
3scale-amp23scale-rhel9-operator
3scale-amp263scale-operator
3scale-amp26operator
advanced-cluster-securityrhacs-main-rhel8
amq7amq-broker-rhel9-operator
ansible-automation-platform-26receptor-rhel9
ansible-automation-platformplatform-operator-bundle
apicurioapicurio-registry-rhel8-operator
apicurioapicurio-registry-rhel9-operator
build-of-trusteetrustee-rhel9-operator
buildah_projectbuildah
cert-managerjetstack-cert-manager-rhel9
complianceopenshift-compliance-operator-bundle
complianceopenshift-selinuxd-rhel8
confidential-containerstrustee
container-native-virtualizationvirt-api
container-native-virtualizationvirt-api-rhel9
container-tools_rhel8buildah
container-tools_rhel8conmon
container-tools_rhel8containernetworking-plugins
container-tools_rhel8podman
container-tools_rhel8runc
container-tools_rhel8skopeo
container-tools_rhel8toolbox

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ghsa7.5HIGH
osv7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.