
OpenSSL fixes two low-severity bugs in April 2026: DANE and AES-CFB128

On 7 April 2026 the OpenSSL project shipped a batch of patches closing two vulnerabilities. Neither is the kind that forces an emergency: the OpenSSL team rates both as low severity. It still helps to know what they touch and why almost nobody will be exposed in practice.

CVE-2026-28387: use-after-free in the DANE client

The first one affects server authentication through DANE, the mechanism that binds a TLS certificate to a TLSA record published in DNS (with DNSSEC). The problem shows up only in an uncommon client setup: when the client enables PKIX-TA (0), PKIX-EE (1) and DANE-TA (2) certificate usages at the same time, and the server publishes TLSA records covering those same types. Under that combination a use-after-free or double-free can happen on the client side.

What saves most deployments is how DANE works in the field. The common case is email: SMTP MTAs following RFC 7672 treat PKIX certificate usages as unusable, so they fall outside the problem. Clients that only support PKIX usages are likewise safe. Triggering the bug requires that specific mix of usages, which is rarely configured.

The fixed releases are 3.6.2, 3.5.6, 3.4.5, 3.3.7, 3.0.20 and 1.1.1zg. If you run DANE in a client with a mixed TLSA configuration, move to the fixed release for your branch.

CVE-2026-28386: out-of-bounds read in AES-CFB128

The second one is even narrower. It is an out-of-bounds read of up to 15 bytes in the AES-CFB128 path, and it appears only on x86-64 with AVX-512 and VAES support. The bug shows up when processing partial blocks: when a previous call left an incomplete block and the current call provides fewer bytes than needed to complete it.

The scope is tight for two reasons. First, it depends on hardware: other architectures and 64-bit Windows are not affected. Second, CFB mode is not used in TLS or DTLS, so exposure through normal network traffic is minimal. This CVE only affects OpenSSL 3.6.0, fixed in 3.6.2.

What to do

If you maintain servers or applications linked against OpenSSL, apply your branch’s release from your distribution’s repository once the package lands. In most cases there is no rush: neither bug is trivially or remotely exploitable, and the project itself scores them as low. Keeping OpenSSL current still avoids carrying patch debt, which does become a problem once it piles up.
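To triage an inventory against the releases listed above, here is a small version check, added as an example and not taken from the OpenSSL project. The function names, status strings and sample hosts are hypothetical, and the CPU flag names assume the Linux `/proc/cpuinfo` format.

```python
import re

# Fixed release per branch for CVE-2026-28387, as listed in the article.
DANE_FIXED = {"3.6": "3.6.2", "3.5": "3.5.6", "3.4": "3.4.5",
              "3.3": "3.3.7", "3.0": "3.0.20", "1.1": "1.1.1zg"}
CFB_BRANCH, CFB_FIXED = "3.6", "3.6.2"  # CVE-2026-28386, per the article

def parse(version):
    """Return a sortable tuple: '3.5.6' -> (3, 5, 6, 0), '1.1.1zg' -> (1, 1, 1, 33)."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)([a-z]*)", version.strip())
    if not m:
        raise ValueError(f"unrecognised OpenSSL version: {version!r}")
    # 1.1.1 letter releases run a..z, then za, zb, ...; summing letter
    # positions keeps that order (w=23, z=26, za=27, zg=33).
    letters = sum(ord(c) - ord("a") + 1 for c in m.group(4))
    return tuple(int(g) for g in m.group(1, 2, 3)) + (letters,)

def branch(version):
    major, minor = parse(version)[:2]
    return f"{major}.{minor}"

def dane_status(version):
    """CVE-2026-28387: compare against the fixed release of the same branch."""
    fixed = DANE_FIXED.get(branch(version))
    if fixed is None:
        return "branch-not-listed"  # the article names no fixed release
    return "fixed" if parse(version) >= parse(fixed) else "predates-fix"

def cfb_status(version, cpu_flags):
    """CVE-2026-28386: 3.6 branch before 3.6.2, and only with AVX-512 + VAES."""
    if branch(version) != CFB_BRANCH:
        return "branch-not-affected"
    if parse(version) >= parse(CFB_FIXED):
        return "fixed"
    # Assumption: flag names as Linux prints them in /proc/cpuinfo.
    hw = "vaes" in cpu_flags and any(f.startswith("avx512") for f in cpu_flags)
    return "predates-fix" if hw else "predates-fix-hw-path-absent"

# Constructed sample inventory: (host, `openssl version` number, CPU flags).
SAMPLE = [("mx1", "3.0.19", {"aes", "avx2"}),
          ("app2", "3.6.0", {"aes", "vaes", "avx512f"}),
          ("old3", "1.1.1w", {"aes"}),
          ("web4", "3.5.6", {"aes", "vaes", "avx512f"})]

def triage(inventory):
    return {h: (dane_status(v), cfb_status(v, f)) for h, v, f in inventory}

if __name__ == "__main__":
    for host, result in triage(SAMPLE).items():
        print(host, *result)
```

A distribution package can carry the fix under an older upstream version number, so confirm any `predates-fix` result against the distribution's own advisory before acting on it.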
