A total of 12 vulnerabilities have been fixed in OpenSSL, all discovered by a single cybersecurity firm.
January 28, 2026 By Eduard Kovacs
OpenSSL updates released on Tuesday patch a dozen vulnerabilities, including a high-severity remote code execution flaw.
All 12 vulnerabilities patched in the open source SSL/TLS toolkit were discovered by cybersecurity firm Aisle, which used an autonomous analyzer to identify the security holes.
The high-severity issue is tracked as CVE-2025-15467 and it has been described as a stack buffer overflow that could lead to a crash (DoS condition) or remote code execution in certain conditions.
OpenSSL maintainers explained in their advisory: