Tag

Vcpkg

1 brief RSS

vcpkg OpenSSL Windows Build Path Vulnerability (CVE-2026-34054)

A vulnerability exists in vcpkg versions prior to 3.6.1#3, where Windows builds of OpenSSL set openssldir to a path on the build machine, making that path vulnerable to attack on customer machines.

vulnerability openssl vcpkg cwe-427 windows

2r 2t 1c Mar 31, 2026