Severity: Unknown
Affected Package: openssl
Summary: incorrect failure handling in RSA KEM RSASVE encapsulation leaks uninitialized memory
Applications using RSASVE key encapsulation to establish a secret encryption key can send the contents of an uninitialized memory buffer to a malicious peer. The uninitialized buffer might contain sensitive data from a previous execution, leading to sensitive data leakage. Severity: Moderate (OpenSSL).
No specific recommendations provided.
Aliases: CVE-2026-31790
Published: June 11, 2026
Last Modified: June 11, 2026