OpenSSL Library security update (CVE-2025-9230, CVE-2025-9231, CVE-2025-9232)

Security Patch Release
H score 11
1 unique source, 1 article

Summary

The OpenSSL Project released versions 3.5.4, 3.4.3, 3.3.5, 3.2.6, 3.0.18, 1.0.2zm and 1.1.1zd to fix CVE-2025-9230, CVE-2025-9231 and CVE-2025-9232. The update matters because OpenSSL is widely used by applications, websites and services for SSL/TLS communications. CVE-2025-9231 may allow private key recovery in the SM2 algorithm implementation on 64-bit ARM platforms. CVE-2025-9230 is an out-of-bounds read/write issue that can enable arbitrary code execution or DoS, while the third can trigger a crash resulting in DoS.

Timeline

  1. 01.10.2025 16:59 2 articles · 7mo ago

    OpenSSL releases patched versions for CVE-2025-9230, CVE-2025-9231 and CVE-2025-9232

    Initial Disclosure

    The OpenSSL Project released versions 3.5.4, 3.4.3, 3.3.5, 3.2.6, 3.0.18, 1.0.2zm and 1.1.1zd of the OpenSSL Library to patch CVE-2025-9230, CVE-2025-9231 and CVE-2025-9232.

  2. 01.10.2025 16:59 1 article · 7mo ago

    OpenSSL vulnerabilities can expose private keys, code execution and DoS risk

    Technical Analysis Update

    CVE-2025-9231 may allow private key recovery in the SM2 algorithm implementation on 64-bit ARM platforms. CVE-2025-9230 is an out-of-bounds read/write issue that may enable arbitrary code execution or DoS. The third vulnerability can trigger a crash that results in DoS. Because OpenSSL is widely used to secure communications, private key exposure could let an attacker decrypt encrypted traffic or conduct a man-in-the-middle attack.
