Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7_VerifySignedData().
{
"sources": [
{
"url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-5392",
"html_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5392",
"modified": "2026-06-17T10:58:57.030Z",
"id": "CVE-2026-5392",
"imported": "2026-07-14T21:22:49.306Z",
"published": "2026-04-10T00:16:35.603Z",
"database_specific": {
"status": "Analyzed"
}
},
{
"url": "https://api.github.com/advisories/GHSA-52wm-3mqv-vmmj",
"html_url": "https://github.com/advisories/GHSA-52wm-3mqv-vmmj",
"published": "2026-04-10T00:30:31Z",
"imported": "2026-07-14T21:23:04.307Z",
"id": "GHSA-52wm-3mqv-vmmj",
"modified": "2026-04-29T15:30:36Z"
},
{
"url": "https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2026-21229",
"html_url": "https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-21229",
"published": "2026-04-09T23:10:55Z",
"imported": "2026-07-14T21:22:51.643Z",
"id": "EUVD-2026-21229",
"modified": "2026-04-10T14:08:48Z"
}
],
"license": "CC-BY-4.0"
}