{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34181", "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "state": "PUBLISHED", "assignerShortName": "openssl", "dateReserved": "2026-03-26T09:29:36.013Z", "datePublished": "2026-06-09T16:03:22.065Z", "dateUpdated": "2026-06-09T16:03:22.065Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "OpenSSL", "vendor": "OpenSSL", "versions": [{"lessThan": "4.0.1", "status": "affected", "version": "4.0.0", "versionType": "semver"}, {"lessThan": "3.6.3", "status": "affected", "version": "3.6.0", "versionType": "semver"}, {"lessThan": "3.5.7", "status": "affected", "version": "3.5.0", "versionType": "semver"}, {"lessThan": "3.4.6", "status": "affected", "version": "3.4.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Pavol \u017d\u00e1\u010dik (Red Hat)"}, {"lang": "en", "type": "reporter", "value": "Alex Gaynor (Anthropic)"}, {"lang": "en", "type": "remediation developer", "value": "Alicja Kario (Red Hat)"}], "datePublic": "2026-06-09T14:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Issue Summary: The PKCS#12 file processing fails to perform sufficient input<br>validation for files that use Password-Based Message Authentication Code 1<br>(PBMAC1) integrity mechanism allowing a certificate and private key forgery.<br><br>Impact Summary: An attacker impersonating a user can cause a service reading<br>PKCS#12 files to accept forged certificates and private keys with a 1 in 256<br>probability.<br><br>If a service accepting PKCS#12 files is using passwords for authenticating<br>the received files, the attacker can create unencrypted PKCS#12 files that<br>use PBMAC1 authentication that specifies an HMAC key of only one byte, allowing<br>them to craft a file that will be accepted with a 1 in 256 probability.<br>That would then cause the service to accept a certificate and private key<br>controlled by the attacker.<br><br>The FIPS modules are not affected by this issue, as the affected code is<br>outside the OpenSSL FIPS module boundary."}], "value": "Issue Summary: The PKCS#12 file processing fails to perform sufficient input\nvalidation for files that use Password-Based Message Authentication Code 1\n(PBMAC1) integrity mechanism allowing a certificate and private key forgery.\n\nImpact Summary: An attacker impersonating a user can cause a service reading\nPKCS#12 files to accept forged certificates and private keys with a 1 in 256\nprobability.\n\nIf a service accepting PKCS#12 files is using passwords for authenticating\nthe received files, the attacker can create unencrypted PKCS#12 files that\nuse PBMAC1 authentication that specifies an HMAC key of only one byte, allowing\nthem to craft a file that will be accepted with a 1 in 256 probability.\nThat would then cause the service to accept a certificate and private key\ncontrolled by the attacker.\n\nThe FIPS modules are not affected by this issue, as the affected code is\noutside the OpenSSL FIPS module boundary."}], "metrics": [{"format": "other", "other": {"content": {"text": "Low"}, "type": "https://openssl-library.org/policies/general/security-policy/"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-354", "description": "CWE-354 Improper Validation of Integrity Check Value", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl", "dateUpdated": "2026-06-09T16:03:22.065Z"}, "references": [{"name": "OpenSSL Advisory", "tags": ["vendor-advisory"], "url": "https://openssl-library.org/news/secadv/20260609.txt"}, {"name": "4.0.1 git commit", "tags": ["patch"], "url": "https://github.com/openssl/security/commit/0300eb9ddce7a0895bf301a4b0c03a9da2313a0f"}, {"name": "3.6.3 git commit", "tags": ["patch"], "url": "https://github.com/openssl/security/commit/ec36f2417c4ddd8cabce4b4a60a3d7a7365f2d81"}, {"name": "3.5.7 git commit", "tags": ["patch"], "url": "https://github.com/openssl/security/commit/85dcbb3abaa4878af5c8fbbe11bce708fcf984a7"}, {"name": "3.4.6 git commit", "tags": ["patch"], "url": "https://github.com/openssl/security/commit/79eb76a937e474bb7610a0a3dc57131dc8dc6610"}], "source": {"discovery": "UNKNOWN"}, "title": "PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys", "x_generator": {"engine": "Vulnogram 0.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Issue Summary: The PKCS#12 file processing fails to perform sufficient input\nvalidation for files that use Password-Based Message Authentication Code 1\n(PBMAC1) integrity mechanism allowing a certificate and private key forgery.\n\nImpact Summary: An attacker impersonating a user can cause a service reading\nPKCS#12 files to accept forged certificates and private keys with a 1 in 256\nprobability.\n\nIf a service accepting PKCS#12 files is using passwords for authenticating\nthe received files, the attacker can create unencrypted PKCS#12 files that\nuse PBMAC1 authentication that specifies an HMAC key of only one byte, allowing\nthem to craft a file that will be accepted with a 1 in 256 probability.\nThat would then cause the service to accept a certificate and private key\ncontrolled by the attacker.\n\nThe FIPS modules are not affected by this issue, as the affected code is\noutside the OpenSSL FIPS module boundary."}], "id": "CVE-2026-34181", "lastModified": "2026-06-09T17:17:04.740", "metrics": {}, "published": "2026-06-09T17:17:04.740", "references": [{"source": "openssl-security@openssl.org", "url": "https://github.com/openssl/security/commit/0300eb9ddce7a0895bf301a4b0c03a9da2313a0f"}, {"source": "openssl-security@openssl.org", "url": "https://github.com/openssl/security/commit/79eb76a937e474bb7610a0a3dc57131dc8dc6610"}, {"source": "openssl-security@openssl.org", "url": "https://github.com/openssl/security/commit/85dcbb3abaa4878af5c8fbbe11bce708fcf984a7"}, {"source": "openssl-security@openssl.org", "url": "https://github.com/openssl/security/commit/ec36f2417c4ddd8cabce4b4a60a3d7a7365f2d81"}, {"source": "openssl-security@openssl.org", "url": "https://openssl-library.org/news/secadv/20260609.txt"}], "sourceIdentifier": "openssl-security@openssl.org", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-354"}], "source": "openssl-security@openssl.org", "type": "Secondary"}]}

{}

{"created": "2026-06-09T17:30:10.520517+00:00", "updated": "2026-06-09T17:30:10.520530+00:00", "vendors": []}