2 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-6678
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption. CVE-2026-6678 Note th...
CVE-2026-5295
A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...