Skip to main content

Wolfssl CVE-2026-5448

| EUVDEUVD-2026-21233 LOW
Heap-based Buffer Overflow (CWE-122)
2026-04-09 wolfSSL GHSA-5jqq-xpcr-q3r7
2.3
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.3 LOW
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
5.9.1
EUVD ID Assigned
Apr 09, 2026 - 23:31 euvd
EUVD-2026-21233
Analysis Generated
Apr 09, 2026 - 23:31 vuln.today
CVE Published
Apr 09, 2026 - 23:18 nvd
LOW 2.3

DescriptionCVE.org

X.509 date buffer overflow in wolfSSL_X509_notAfter / wolfSSL_X509_notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. This is only triggered when calling these two APIs directly from an application, and does not affect TLS or certificate verify operations in wolfSSL.

AnalysisAI

wolfSSL versions before 5.9.1 contain a heap buffer overflow in the X.509 date parsing functions wolfSSL_X509_notAfter and wolfSSL_X509_notBefore when processing crafted certificates through the compatibility layer API. The vulnerability has a CVSS score of 2.3 with attack vector requiring adjacent network access and persistence, affecting only direct API calls and not standard TLS or certificate verification operations. No public exploit code or active exploitation has been identified at the time of analysis.

Technical ContextAI

The vulnerability resides in wolfSSL's X.509 certificate compatibility layer, specifically in the date field parsing logic used by the wolfSSL_X509_notAfter and wolfSSL_X509_notBefore API functions. The root cause is classified as CWE-122 (Heap-based Buffer Overflow), indicating improper bounds checking when copying or processing date values extracted from X.509 certificate structures. The affected component is part of wolfSSL's OpenSSL compatibility layer, which provides drop-in replacements for OpenSSL functions. The buffer overflow occurs during date field extraction from maliciously crafted X.509 certificates, but the vulnerability is isolated to these specific compatibility layer APIs and does not propagate to wolfSSL's core TLS operations or certificate verification mechanisms, which use separate code paths.

RemediationAI

Vendor-released patch: wolfSSL 5.9.1 and later. Organizations running wolfSSL should upgrade to version 5.9.1 or newer to remediate the vulnerability. For applications unable to immediately upgrade, restrict direct use of the wolfSSL_X509_notAfter and wolfSSL_X509_notBefore compatibility layer APIs to trusted certificate sources, or validate certificate inputs before passing them to these functions. Standard TLS operations and certificate verification using wolfSSL's native APIs are not affected and do not require special mitigation. Additional advisory information is available at https://nvd.nist.gov/vuln/detail/CVE-2026-5448.

CVE-2017-13099 HIGH POC
7.5 Dec 13

wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange i

CVE-2017-2800 CRITICAL POC
9.8 May 24

A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting

CVE-2015-6925 HIGH POC
7.5 Jan 22

wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to cause a denial of service (resource consumption or tra

CVE-2022-39173 HIGH POC
7.5 Sep 29

In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake. Rated high severity (

CVE-2022-38152 HIGH POC
7.5 Aug 31

An issue was discovered in wolfSSL before 5.5.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploita

CVE-2020-11713 HIGH POC
7.5 Apr 12

wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does not properly resist timing side-channel attacks. Ra

CVE-2019-18840 HIGH POC
7.5 Nov 09

In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data wh

CVE-2020-15309 HIGH POC
7.0 Aug 21

An issue was discovered in wolfSSL before 4.5.0, when single precision is not employed. Rated high severity (CVSS 7.0).

CVE-2020-24613 MEDIUM POC
6.8 Aug 24

wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_CR state, within SanityCheckTls13MsgReceived() in t

CVE-2015-7744 MEDIUM POC
5.9 Jan 22

wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CR

CVE-2022-38153 MEDIUM POC
5.9 Aug 31

An issue was discovered in wolfSSL before 5.5.0 (when --enable-session-ticket is used); however, only version 5.3.0 is e

CVE-2021-37155 CRITICAL
9.8 Jul 21

wolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure outcome when the serial number in an OCSP request di

Share

CVE-2026-5448 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy