petr_becvar asked a question.
We are using FlexNet Embedded 2025.09 for Java that uses OpenSSL 3.5.* that contains critical vulnerability CVE-2026-31789. Please advise if FlexNet Embedded Client libraries and/or FlexNet Embeded License Server is vulnerable to this CVE.
Are you sure you want to cancel the case creation?
Activity: Status change: 2 hours ago
Are you sure you want to close this case
| Products | Region | Phone Numbers |
|---|---|---|
| FlexNet Operations FlexNet Embedded FlexNet Publisher FlexNet Connect FlexNet Code Insight InstallAnywhere InstallShield |
North America * |
+1 630-332-2513 (toll) +1 877-279-2853 (toll-free in North America) |
| Europe * |
+44 1925 944367 (toll) +44 800 047 8642 (toll-free in Europe) |
|
| Japan * | +81 3-4540-5335 (select option 2) | |
| Australia * |
+61 3 9895 2177 +61 1800 560 603 (toll-free in Australia) |
|
|
Usage Intelligence (formerly
Revulytics) Compliance Intelligence |
Please use the Case Portal to submit your support ticket or reach out to your Revenera contact. | |
The FlexNet Embedded Java XT kits do not leverage any certificate parsing functionality from OpenSSL and so the vulnerability is not applicable. Hope that helps.
Thanks. It helps.
Unfortunatelly I will probably need some official statement like https://community.revenera.com/s/article/CVE-2025-15467-Impact-Assessment-for-FlexNet-Embedded to pass our QG.
Is there any chance on it, or shoudl I create a support case?
No problem - contacting our support team is the best way to get an official statement.