VDB
JLSEC-2026-260
JLSEC-2026-260
PUBLISHED
CVSS 5.900000095367432 MEDIUM
Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a...
Risk Scores
CVSS 3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Julia | OpenSSL_jll | 3.5.0+0, 3.5.0+0 |
Exploit Intelligence
- .grype.yaml (github-poc)
- .grype.yaml (github-poc)
- .grype.yaml (github-poc)
- TestCommand.yaml (github-poc)
- .grype.yaml (github-poc)
- 2026.xml (github-poc)
- 2026.xml (github-poc)
- GenerationConfig.java (github-poc)
- SelfAdaptationGenerationConfig.java (github-poc)
- scan_image_responses.py (github-poc)
Timeline
- Apr 27, 2026 CVE Published
- Apr 27, 2026 CVE Updated
References
- https://github.com/advisories/GHSA-5888-36j9-c92p url
- https://github.com/openssl/openssl/commit/3ed1f75249932b155eef993a8e66a99cb98bfef4 url
- https://github.com/openssl/openssl/commit/6184a4fb08ee6d7bca570d931a4e8bef40b64451 url
- https://github.com/openssl/openssl/commit/895150b5e021d16b52fb32b97e1dd12f20448be5 url
- https://github.com/openssl/openssl/commit/966a2478046c311ed7dae50c457d0db4cafbf7e4 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-66199 url
- https://openssl-library.org/news/secadv/20260127.txt url