OpenSSL 3.6.2 patches eight CVEs across a range of components. The project rates the most severe issue in the release as Moderate. What got fixed The release fixes incorrect failure handling in RSA KEM RSASVE encapsulation (CVE-2026-31790) and a loss of key agreement group tuple structure when the DEFAULT keyword is used in server-side configuration of the key-agreement group list (CVE-2026-2673). An out-of-bounds read in AES-CFB-128 on x86-64 CPUs with AVX-512 support (CVE-2026-28386) is also … More → The post OpenSSL 3.6.2 lands with eight CVE fixes appeared first on Help Net Security .