CVE-2026-45447: Heap Use-After-Free in PKCS7_verify
🟠 High | Source: Microsoft Security Response Center CVE-2026-45447 is a heap use-after-free vulnerability in the PKCS7_verify() function, which is used to verify digitally signed data packages. This type of memory corruption flaw can potentially allow an attacker to execute arbitrary code or cause a crash by manipulating how memory is accessed after it has been freed. Given its presence in a cryptographic verification routine, it could undermine trust in signed content processed by affected Azure services or underlying components. ...