Heartbleed vulnerability leaves exposed which type of key?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

Heartbleed vulnerability leaves exposed which type of key?

Explanation:
Heartbleed was an information-disclosure flaw in OpenSSL’s TLS heartbeat extension that allowed an attacker to read chunks of memory from the vulnerable server. That memory can contain sensitive data used by TLS, including the server’s private key. The private key is the secret half of the key pair used to prove the server’s identity to clients; if an attacker obtains it, they can impersonate the server in TLS connections or decrypt traffic that was protected by that key, compromising confidentiality and trust. Public keys are not secret by design, so they aren’t the type of key the vulnerability exposes. While other sensitive material like session keys could theoretically appear in memory, the strong and consistent exam takeaway is that the private key is the key type at risk. After Heartbleed, best practice is to revoke and reissue certificates, replace the private key, and patch OpenSSL to close the vulnerability.

