A newly disclosed vulnerability in OpenSSL 3.0, tracked as CVE-2022-3786, allows malicious email addresses to trigger a heap buffer overflow during X.509 certificate verification. While exploitation requires specific conditions, successful attacks could lead to remote code execution or crashes. This flaw underscores persistent risks in foundational cryptographic libraries.