CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-7511

highCVSS 7.5covered by 2 sourcesfirst seen 2026-06-09
PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted.

CSIRTS triage

Other
What
A signer confusion allows forged signatures to be accepted in PKCS7_verify.
Who is affected
Deployments using PKCS7 verification are affected.
Urgency
Remediation is high urgency due to the potential for serious security breaches.
Action
Update to the patched version of the PKCS7 verification library.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-7511

Get an email if CVE-2026-7511 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (2)

External references

NVD record for CVE-2026-7511

CVE.org record

Embed the live status

CVE-2026-7511 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-7511 status](https://www.csirts.com/badge/CVE-2026-7511)](https://www.csirts.com/cve/CVE-2026-7511)