Severity: Unknown
Affected Package: openssl
Summary: use-after-free in DANE client code
An uncommon configuration of clients performing DANE TLSA-based server authentication, paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side, with potential consequences including data corruption, crashes, or arbitrary code execution. Severity: Low (OpenSSL).
No specific recommendations provided.
Aliases: CVE-2026-28387
Published: June 11, 2026
Last Modified: June 11, 2026