rust-openssl Buffer Overflow in EVP_DigestFinal (0.10.39-0.10.78)
CVE-2026-41681 Published on April 24, 2026

rust-openssl: MdCtxRef::digest_final() writes past caller buffer with no length check
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.39 to before 0.10.78, EVP_DigestFinal() always writes EVP_MD_CTX_size(ctx) to the out buffer. If out is smaller than that, MdCtxRef::digest_final() writes past its end, usually corrupting the stack. This is reachable from safe Rust. This vulnerability is fixed in 0.10.78.

NVD

Weakness Type

What is a Stack Overflow Vulnerability?

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CVE-2026-41681 has been classified to as a Stack Overflow vulnerability or weakness.

Affected Versions

rust-openssl Version >= 0.10.39, < 0.10.78 is affected by CVE-2026-41681

rust-openssl Buffer Overflow in EVP_DigestFinal (0.10.39-0.10.78)CVE-2026-41681 Published on April 24, 2026

Weakness Type

What is a Stack Overflow Vulnerability?

Affected Versions

rust-openssl Buffer Overflow in EVP_DigestFinal (0.10.39-0.10.78)
CVE-2026-41681 Published on April 24, 2026