Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Debian OpenSSL implementation allows man-in-the-middle attacks
DEBIAN-CVE-2026-33999
Summary
Debian's OpenSSL library has a flaw that could allow hackers to intercept sensitive information between a user's system and a secure website. This could happen if a user visits a website that uses HTTPS encryption, but the hacker is able to intercept the connection. To protect against this, Debian users should update their OpenSSL library as soon as possible.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Debian:11 | debian | xorg-server | All versions |
| Debian:12 | debian | xorg-server | All versions |
| Debian:13 | debian | xorg-server | All versions |
| Debian:14 | debian | xorg-server | All versions |
| Debian:12 | debian | xwayland | All versions |
| Debian:13 | debian | xwayland | All versions |
| Debian:14 | debian | xwayland | All versions |
Original title
DEBIAN-CVE-2026-33999
- https://security-tracker.debian.org/tracker/CVE-2026-33999 Vendor Advisory
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026