Will any 2026 CVE in OpenSSL receive a "Critical" severity rating from the OpenSSL project?

Open·Closes 8mo·Vol 0 credits

Probability

connecting…

Yes50%

Volume: 0 credits

Not enough trades yet to draw a history.

About

OpenSSL has only ever rated a handful of vulnerabilities "Critical" under its severity policy. Resolves YES if openssl.org/news/vulnerabilities.html lists at least one CVE with announce-date in 2026 and severity "Critical".

Resolution criteria

Severity table on the OpenSSL vulnerabilities page lists a 2026 entry rated "Critical".

Source: https://openssl.org/news/vulnerabilities.html.
Ambiguity: AMBIGUOUS if the project releases a "High" rated bug that some media report as "Critical" without project confirmation.

openssltlscritical

Discussion

Loading comments…