Ref# ADV2026_39 | Date: Jan 30th 2026

---

OpenSSL published a security advisory highlighting vulnerabilities in the following products on January 27th, 2026. It is recommended that you take the necessary precautions by ensuring your products are always updated. 

• OpenSSL – versions 3.6.0 to versions prior to 3.6.1 

• OpenSSL – versions 3.5.0 to versions prior to 3.5.5 

• OpenSSL – versions 3.4.0 to versions prior to 3.4.4 

• OpenSSL – versions 3.3.0 to versions prior to 3.3.6 

• OpenSSL – versions 3.0.0 to versions prior to 3.0.19 

 

For more information on these updates, you can follow these URLs: 

• CVE-2025-15467 

• CVE-2025-11187 

• OpenSSL Vulnerabilities 

 

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary. 

 

References 

• CVE-2025-15467. (n.b.). Retrieved from Google Chrome. https://openssl-library.org/news/vulnerabilities/index.html#CVE-2025-15467 

 

• CVE-2025-11187. (n.b.). Retrieved from Google Chrome. https://openssl-library.org/news/vulnerabilities/index.html#CVE-2025-11187 

 

• OpenSSL Vulnerabilities. (n.b.). Retrieved from OpenSSL. https://openssl-library.org/news/vulnerabilities/index.html 

 

• OpenSSL security advisory. (January 27, 2026). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/openssl-security-advisory-av26-058