Every CVE whose affected-product data names Erlang Erlang/ssl, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2026-55952 — CVSS 7.5 (high): The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key…
CVE-2026-48860 — CVSS 6.5 (medium): Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl (inet_tls_dist module) allows unauthenticated bypass of the…
CVE-2026-55950 — CVSS 5.9 (medium): Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Erlang/OTP ssl (dtls_packet_demux module) allows an unauthenticated…
CVE-2026-54887 — CVSS 4.8 (medium): Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl (DTLS server) allows predictable DTLS cookie computation during the…
CVE-2026-54891 — CVSS 3.7 (low): Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl…