A vulnerability was found in OpenSSL up to 3.6.1 on x86-64. It has been rated as problematic . The impacted element is an unknown function of the component AES-CFB-128 Handler . The manipulation leads to out-of-bounds read. This vulnerability is documented as CVE-2026-28386 . The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.