Security Advisory

CVE-2026-34054

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-31 01:56:14

Last updated 2026-04-02 03:55:58

Assigner GitHub_M

State PUBLISHED

Description

vcpkg is a free and open-source C/C++ package manager. Prior to version 3.6.1#3, vcpkgs Windows builds of OpenSSL set openssldir to a path on the build machine, making that path be attackable later on customer machines. This issue has been patched in version 3.6.1#3.

← Browse all CVEs View on cve.org ↗