SAN FRANCISCO and PRAGUE, Jan. 27, 2026 (GLOBE NEWSWIRE) — Security researchers from AISLE™ have identified 12 new security vulnerabilities in OpenSSL, the widely adopted open-source cryptographic library that underpins encryption, authentication and secure communications across the internet. The vulnerabilities are addressed in a coordinated OpenSSL security release published today, with patches now available to users and downstream software maintainers.
The vulnerabilities disclosed in this release span multiple components of OpenSSL and affect a wide range of supported versions. One of the issues, CVE-2025-15467, is rated HIGH severity and has the potential to enable remote code execution under specific conditions. Others could result in denial-of-service scenarios or application crashes. OpenSSL and AISLE strongly encourage all users to update promptly to avoid exploitation.
Downloaded more than 15 million times annually, OpenSSL is one of the most widely used open-source components in modern software. Used in more than 95% of IT organizations worldwide, it is embedded in operating systems, cloud platforms, enterprise applications, networking equipment and critical infrastructure. It is a foundational dependency for secure email, encrypted communications, authentication protocols and certificate handling. Vulnerabilities in such core libraries can propagate risk downstream to thousands of products and services, including those in finance, healthcare, government, and cloud computing.
“These disclosures underscore the broader challenge facing the open-source software ecosystem: as software complexity grows and attack surfaces expand, even secure, mature and extensively reviewed codebases can harbor security flaws,” said Stanislav Fort, co-founder and chief scientist at AISLE. “Keeping pace with discovery, validation and remediation is increasingly difficult using traditional, manual approaches alone. AISLE’s research reflects how AI-driven, continuous analysis can augment human expertise and help uncover vulnerabilities that would otherwise remain hidden. All 12 vulnerabilities were discovered by AI and validated by our research team.”
AISLE Discovers 15 Vulnerabilities Across the OpenSSL Codebase
These 12 vulnerabilities, along with three others disclosed in 2025 for a total of 15, were identified by AISLE’s AI system during a systematic analysis of OpenSSL’s codebase. Findings were reported through responsible disclosure channels beginning in August 2025 and resolved through coordinated releases with the OpenSSL project. In several cases, AISLE researchers also contributed patches that were incorporated into the official OpenSSL release.
“Independent research is one of the most important sources of the security of the OpenSSL library and open source projects overall,” said Tomas Mraz, CTO, OpenSSL Foundation. “This release is fixing 12 security issues, all disclosed to us by Aisle. We appreciate the high quality of these reports and their constructive collaboration with us throughout the remediation process.”
AISLE’s research efforts apply AI-native reasoning systems to the discovery and remediation of previously unknown security issues in widely used software. By combining advanced AI analysis with responsible disclosure and close collaboration with open-source maintainers, AISLE supports earlier detection and resolution of vulnerabilities, often before they reach production systems.
Visit the AISLE blog for a more in-depth analysis of these vulnerabilities. For more information about the OpenSSL security release, including affected versions and patches, users should refer to the official OpenSSL advisory.
About AISLE™
AISLE is leading a new generation of autonomous vulnerability management.
The company’s AI-native cyber reasoning system (CRS) uncovers vulnerabilities that legacy tools miss and autonomously generates ready-to-merge patches, collapsing remediation time to days/minutes while preserving human oversight.
AISLE transforms vulnerability management from a costly, manual bottleneck into a scalable, autonomous process, empowering defenders to accelerate beyond the speed of attackers. Learn more at http://www.aisle.com.
Media Contact
Jennifer Tanner
Look Left Marketing
aisle@lookleftmarketing.com
