CVE-2026-42771

Source
https://cve.org/CVERecord?id=CVE-2026-42771
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-42771.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-42771
Downstream
Published
2026-06-09T16:03:30.565Z
Modified
2026-07-08T08:13:26.720453994Z
Severity
  • 6.2 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Possible Out of Bounds Read in X509_VERIFY_PARAM_set1_email()
Details

Issue summary: When the X509VERIFYPARAMset1email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an out of bounds read can happen.

Impact summary: This out of bounds read will not directly exfiltrate the data read to the attacker so the most likely result is a crash and a Denial of Service.

An internal helper function called from X509VERIFYPARAM_[set|add]_email() used a wrong length when validating the local part of an email address. This could cause the 64 octet limit on the local part of an email address to be not enforced, or cause an out of bound read and potentially a crash.

The bug is reachable via S-MIME validation with a crafted From: address supplied in an email message that can potentially cause a crash.

No FIPS modules are affected by this issue as the affected code is outside the OpenSSL FIPS module boundary.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/42xxx/CVE-2026-42771.json",
    "cwe_ids": [
        "CWE-125"
    ],
    "cna_assigner": "openssl"
}
References

Affected packages

Git / github.com/openssl/openssl

Affected ranges

Type
GIT
Repo
https://github.com/openssl/openssl
Events
Database specific
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "4.0.0"
        },
        {
            "fixed": "4.0.1"
        }
    ]
}

Affected versions

4.*
4.0.0-NA
openssl-4.*
openssl-4.0.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-42771.json"