CVE-2026-45447: Heap Use-After-Free in the PKCS7_verify() Function

Overview

Severity

High (CVSS 8.8)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploit Status

Not Exploited

Patch Tuesday

2026-Jun

Released

2026-06-13

EPSS Score

0.09% (percentile: 26.2%)

Detection & Weaponization (1 sources)

Maturity: Exploit

• GitHub PoC: 1 repositories

Affected Products (6)

Other

• 21217-17084
• 21450-17084
• 21370-17084
• 21380-17084
• 21400-17084
• 21433-17084

Revision History

• 2026-06-13: Information published.