CVE-2026-5188

| EUVD-2026-21290 LOW
2026-04-10 wolfSSL GHSA-9qgc-pcpx-g38q
2.3
CVSS 4.0

CVSS Vector

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

3
Analysis Generated
Apr 10, 2026 - 03:45 vuln.today
EUVD ID Assigned
Apr 10, 2026 - 03:45 euvd
EUVD-2026-21290
CVE Published
Apr 10, 2026 - 03:24 nvd
LOW 2.3

Tags

Information Disclosure Integer Overflow Wolfssl

Description

An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name (SAN) extension of X.509 certificates. A malformed certificate can specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This results in incorrect handling of certificate data. The issue is limited to configurations using the original ASN.1 parsing implementation which is off by default.

Analysis

Integer underflow in wolfSSL's ASN.1 certificate parser allows remote attackers to trigger information disclosure and potential memory access violations when processing malformed X.509 certificates with oversized Subject Alternative Name extensions. The vulnerability affects wolfSSL versions up to 5.9.0 but only impacts systems using the non-default original ASN.1 parsing implementation; no public exploit code or active exploitation has been identified at time of analysis.

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

12
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +12
POC: 0

Share

CVE-2026-5188 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy