CVE-2026-28387
Modified Modified - Updated After Analysis
Use-After-Free in TLSA-Based DANE Client Authentication

Publication date: 2026-04-07

Last updated on: 2026-05-10

Assigner: OpenSSL Software Foundation

Description
Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code. However, the issue only affects clients that make use of TLSA records with both the PKIX-TA(0/PKIX-EE(1) certificate usages and the DANE-TA(2) certificate usage. By far the most common deployment of DANE is in SMTP MTAs for which RFC7672 recommends that clients treat as 'unusable' any TLSA records that have the PKIX certificate usages. These SMTP (or other similar) clients are not vulnerable to this issue. Conversely, any clients that support only the PKIX usages, and ignore the DANE-TA(2) usage are also not vulnerable. The client would also need to be communicating with a server that publishes a TLSA RRset with both types of TLSA records. No FIPS modules are affected by this issue, the problem code is outside the FIPS module boundary.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-07
Last Modified
2026-05-10
Generated
2026-06-16
AI Q&A
2026-04-08
EPSS Evaluated
2026-06-14
NVD
CVE-2026-28387
EUVD
EUVD-2026-19961
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
openssl openssl From 3.0.0 (inc) to 3.0.20 (exc)
openssl openssl From 3.3.0 (inc) to 3.3.7 (exc)
openssl openssl From 3.4.0 (inc) to 3.4.5 (exc)
openssl openssl From 3.5.0 (inc) to 3.5.6 (exc)
openssl openssl From 3.6.0 (inc) to 3.6.2 (exc)
openssl openssl From 1.1.1 (inc) to 1.1.1zg (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-416 The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in clients that use a specific and uncommon configuration involving DANE TLSA-based server authentication. When these clients interact with servers that publish uncommon DANE TLSA records, it may cause a use-after-free or double-free error on the client side.

Specifically, the issue affects clients that use TLSA records with both PKIX-TA (0) or PKIX-EE (1) certificate usages and DANE-TA (2) certificate usage simultaneously. Most common deployments, such as SMTP MTAs following RFC7672, do not use this combination and thus are not vulnerable.

Impact Analysis

The use-after-free vulnerability can lead to several potential impacts including corruption of valid data, application crashes, or even execution of arbitrary code on the client side.

However, this impact is limited to clients configured to use both PKIX and DANE-TA TLSA records and communicating with servers publishing both types of TLSA records. Clients that only use PKIX or treat PKIX TLSA records as unusable are not affected.

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Mitigation Strategies

This vulnerability affects clients that perform DANE TLSA-based server authentication with an uncommon configuration involving both PKIX and DANE-TA certificate usages.

To mitigate this issue, ensure that your clients either follow the common deployment practice recommended by RFC7672, which treats TLSA records with PKIX certificate usages as unusable, or only support PKIX usages and ignore DANE-TA usage.

Additionally, avoid communicating with servers that publish TLSA RRsets containing both PKIX and DANE-TA TLSA records.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-28387. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart