Question 1

What is CVE-2026-6092 — CVE-2026-6092?

Accepted Answer

When HAVE_ENCRYPT_THEN_MAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC.

Question 2

What is the authoritative source for CVE-2026-6092?

Accepted Answer

CVE-2026-6092 (CVE-2026-6092) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVE-2026-6092CVE-2026-6092

Description