#VU125940 Buffer overflow in wolfSSL - CVE-2026-5448

 

Published: April 14, 2026


Vulnerability identifier: #VU125940
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-5448
CWE-ID: CWE-120
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: wolfSSL
Software vendor: wolfSSL

Description

The vulnerability allows a remote user to cause a denial of service or execute arbitrary code.

The vulnerability exists due to a buffer overflow in the wolfSSL_X509_notAfter and wolfSSL_X509_notBefore functions when parsing date fields from a crafted X.509 certificate via the compatibility layer API. A remote user can supply a crafted X.509 certificate to cause a denial of service or execute arbitrary code.

The overflow is triggered only when an application calls these APIs directly; TLS and certificate verification operations are not affected.
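
Because exposure depends on an application calling these two APIs directly, a quick source triage helps decide whether a code base is affected. The following is an added example, not part of the advisory or of wolfSSL's code: it scans C/C++ sources for direct calls to the two functions named above, ignoring comments and string literals. The sample source and the file suffix list are constructed assumptions.

```python
import re
from pathlib import Path

# API names taken from the advisory text.
AFFECTED_APIS = ("wolfSSL_X509_notAfter", "wolfSSL_X509_notBefore")
CALL_RE = re.compile(r"\b(" + "|".join(AFFECTED_APIS) + r")\s*\(")
# Comments and string/char literals, so mentions inside them are not reported.
SKIP_RE = re.compile(
    r'//[^\n]*|/\*.*?\*/|"(?:\\.|[^"\\\n])*"|\'(?:\\.|[^\'\\\n])*\'',
    re.DOTALL,
)
SOURCE_SUFFIXES = {".c", ".h", ".cc", ".cpp", ".hpp"}  # assumed suffix list

def _blank(match):
    # Replace skipped text with spaces but keep newlines so line numbers hold.
    return re.sub(r"[^\n]", " ", match.group(0))

def find_calls(text):
    """Return [(line_number, api_name)] for direct calls in C/C++ source text."""
    cleaned = SKIP_RE.sub(_blank, text)
    return [
        (cleaned.count("\n", 0, m.start()) + 1, m.group(1))
        for m in CALL_RE.finditer(cleaned)
    ]

def scan_tree(root):
    """Walk a source tree and return [(relative_path, line, api_name)]."""
    root = Path(root)
    hits = []
    for path in sorted(root.rglob("*")):
        if path.is_file() and path.suffix in SOURCE_SUFFIXES:
            text = path.read_text(encoding="utf-8", errors="replace")
            hits += [(str(path.relative_to(root)), ln, api) for ln, api in find_calls(text)]
    return hits

# Constructed sample source, not taken from any real project.
SAMPLE = '''\
/* wolfSSL_X509_notAfter(cert) is mentioned here only in a comment */
void show(WOLFSSL_X509 *cert) {
    const unsigned char *nb = wolfSSL_X509_notBefore(cert);
    log("called wolfSSL_X509_notAfter(");  // string literal, not a call
    const unsigned char *na = wolfSSL_X509_notAfter (cert);
}
'''

if __name__ == "__main__":
    for line, api in find_calls(SAMPLE):
        print(f"sample:{line}: direct call to {api}")
```

Point `scan_tree` at the application's own source tree; run against a wolfSSL checkout it will also report the library's prototypes and definitions of these functions.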


Remediation

Install the security update from the vendor's website.
