High

Out-of-bounds Read in OpenSSL AES-CFB-128 on x86-64 with AVX-512/VAES support

Identifiers: CVE-2026-28386; CWE-125 (Out-of-bounds Read)

CVE-2026-28386 is an out-of-bounds read in OpenSSL’s AES-CFB128 encryption/decryption implementation on x86-64 systems that use the AVX-512/VAES optimized code path. When processing partial cipher blocks, specifically when a previous call left an incomplete block and a subsequent call supplies fewer bytes than needed to complete it, the affected implementation can read up to 15 bytes past the end of the input buffer. The issue is limited to the AVX-512/VAES path on x86-64; other architectures and systems without VAES support use different code paths and are not affected. The over-read bytes are not written to output. The OpenSSL 3.6 branch is affected, and the OpenSSL FIPS module in version 3.6 is also affected.


ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful triggering of the flaw can cause an application crash and resulting denial of service if the input buffer ends at a memory page boundary and the following page is unmapped. Based on the provided information, the issue does not result in information disclosure because the over-read data is not copied to output. No code execution impact is described. OpenSSL assessed the issue as Low severity.

Mitigation

If you can’t patch tonight, do this now.

Where immediate patching is not possible, reduce exposure by avoiding the affected OpenSSL 3.6 AVX-512/VAES code path on x86-64 systems, and by avoiding application patterns that process AES-CFB128 data in fragmented partial-block updates. The issue is only reachable under narrow conditions involving partial-block processing and a page-boundary/unmapped-page memory layout. The content also notes that CFB mode is not used in TLS/DTLS, which reduces exposure for those protocol uses. However, mitigation details beyond these constraints are not specifically provided in the source material.

Remediation

Patch, then assume compromise.

Upgrade to a fixed OpenSSL release. The provided content states that OpenSSL 3.6.2 addresses CVE-2026-28386. Affected deployments on the OpenSSL 3.6 branch, including the OpenSSL 3.6 FIPS module, should update to the vendor-fixed version.
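
The conditions above can be turned into a quick triage check. This is an added example, not code from OpenSSL or from this page's publisher: it tests whether a host reports a 3.6 release older than 3.6.2 on an x86-64 CPU with VAES, and flags update sizes that land inside an incomplete CFB128 block. Assumptions: the Linux /proc/cpuinfo flags `vaes` and `avx512*` stand in for the optimized path being selectable, and all function names and sample data are constructed.

```python
import re

BLOCK = 16  # AES block size in bytes; CFB128 keeps a 0..15 offset between calls

def version_affected(version):
    """Page: the 3.6 branch is affected and 3.6.2 is the fixed release."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unparseable OpenSSL version: {version!r}")
    major, minor, patch = map(int, m.groups())
    return (major, minor) == (3, 6) and patch < 2

def cpu_flags(cpuinfo_text):
    """Return the flag set from the first 'flags' line of /proc/cpuinfo text."""
    for line in cpuinfo_text.splitlines():
        if line.startswith("flags"):
            return set(line.split(":", 1)[1].split())
    return set()

def vaes_path_possible(arch, flags):
    # Assumption: 'vaes' plus any 'avx512*' flag is a proxy for the AVX-512/VAES
    # path being selectable; the exact feature set OpenSSL tests is not on the page.
    return arch == "x86_64" and "vaes" in flags and any(
        f.startswith("avx512") for f in flags)

def partial_block_updates(chunk_lengths):
    """Indexes of update calls that start inside an incomplete block and supply
    fewer bytes than needed to complete it (the condition the page describes)."""
    flagged, offset = [], 0
    for i, n in enumerate(chunk_lengths):
        if offset and 0 < n < BLOCK - offset:
            flagged.append(i)
        offset = (offset + n) % BLOCK
    return flagged

def host_exposed(version, arch, cpuinfo_text):
    return version_affected(version) and vaes_path_possible(arch, cpu_flags(cpuinfo_text))

# Constructed sample data, not taken from a real host.
SAMPLE_CPUINFO = "processor\t: 0\nflags\t\t: fpu sse2 aes avx2 avx512f avx512vl vaes vpclmulqdq\n"

if __name__ == "__main__":
    print(host_exposed("3.6.1", "x86_64", SAMPLE_CPUINFO))   # affected build, VAES CPU
    print(host_exposed("3.6.2", "x86_64", SAMPLE_CPUINFO))   # fixed release
    print(partial_block_updates([5, 3, 8, 16, 4, 4]))        # fragmented update sizes
```

A flagged update only marks the call pattern; per the description above, a crash additionally requires the input buffer to end at a page boundary with the next page unmapped.
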
PUBLIC EXPLOITS

Exploits


No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

Vendor | Product | Type
OpenSSL Software Foundation | Openssl | application

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.
