CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Snyk•added 2026/04/10 12:10 a.m.•4 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the wolfSSLX509notAfter or wolfSSLX509notBefore functions when parsing date fields from a specially crafted X.509 certificate via the compatibility layer API. An attacker can cause a buffer overflow by...

4.3CVSS6AI score0.00097EPSS

Exploits0References2

UbuntuCve•added 2026/04/10 12:0 a.m.•2 views

CVE-2026-5448

X.509 date buffer overflow in wolfSSLX509notAfter / wolfSSLX509notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. This is only triggered when calling these two APIs directly from an application, and does not affect TLS...

4.3CVSS6.1AI score0.00097EPSS

Exploits0References2

CNNVD•added 2026/04/10 12:0 a.m.•4 views

wolfSSL 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, designed for developers working with embedded systems. There is a security vulnerability in wolfSSL, which stems from a buffer overflow issue during the parsing of X.509 certificate dat...

4.3CVSS6AI score0.00097EPSS

CNNVD•added 2026/04/10 12:0 a.m.•4 views

wolfSSL（CyaSSL）安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the US company wolfSSL, designed for developers working with embedded systems. wolfSSL CyaSSL contains a security vulnerability that stems from the handling of mixed key sharing in TLS 1.3 and post-quantum...

6.5CVSS5.8AI score0.00275EPSS

Positive Technologies•added 2026/04/10 12:0 a.m.•5 views

PT-2026-31891

Name of the Vulnerable Software and Affected Versions Spring Cloud Gateway versions prior to 4.2.1 and versions 5.0.0 and 5.1.0. Description When configuring SSL bundles in Spring Cloud Gateway using the spring.ssl.bundle configuration property, the configuration was silently ignored, and the...

7.5CVSS5.8AI score0.00217EPSS

Exploits0References15

9.8CVSS6AI score0.00446EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-5264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow...

6.5CVSS5.5AI score0.00275EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-5460

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography PQC hybrid KeyShare processing. In the error handling path of...

7.5CVSS5.8AI score0.00683EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-39304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ. ActiveMQ NIO SSL transports do not correct...

7.1CVSS5.5AI score0.00239EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-5446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wcAriaEncrypt is...

Tenable Nessus•added 2026/04/10 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-5501

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSLX509verifycert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an...

8.6CVSS6AI score0.00179EPSS

Cvelist•added 2026/04/09 11:29 p.m.•28 views

CVE-2026-5460 Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.3

6.3CVSS0.00275EPSS

Cvelist•added 2026/04/09 11:18 p.m.•30 views

CVE-2026-5448 1-2 Byte Buffer Overflow in wolfSSL_X509_notAfter/notBefore

2.3CVSS0.00097EPSS

ATTACKERKB•added 2026/04/09 11:18 p.m.•2 views

CVE-2026-5448

2.3CVSS6.2AI score0.00097EPSS

Exploits0References2

Vulnrichment•added 2026/04/09 11:18 p.m.•1 views

CVE-2026-5448 1-2 Byte Buffer Overflow in wolfSSL_X509_notAfter/notBefore

2.3CVSS6.1AI score0.00097EPSS

AlpineLinux•added 2026/04/09 11:18 p.m.•2 views

CVE-2026-5448

4.3CVSS5.6AI score0.00097EPSS

Exploits0

CVE•added 2026/04/09 11:18 p.m.•27 views

CVE-2026-5448

The CVE-2026-5448 entry describes a X.509 date buffer overflow in wolfSSL_X509_notAfter/notBefore triggered when parsing date fields via the compatibility layer API. The flaw may occur when an application directly calls these APIs; TLS handshake and certificate verification are not affected. Affe...

4.3CVSS6.2AI score0.00097EPSS

Exploits0References1Affected Software1

Debian CVE•added 2026/04/09 11:18 p.m.•2 views

CVE-2026-5448

4.3CVSS5.6AI score0.00097EPSS

Exploits0

OSV•added 2026/04/09 10:16 p.m.•1 views

DEBIAN-CVE-2026-5778

Integer underflow in wolfSSL packet sniffer = 5.9.0 allows an attacker to cause a program crash in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by sslDecodePacket. The underflow wraps a 16-bit length to a large valu...

6.5CVSS5.4AI score0.00225EPSS

NVD•added 2026/04/09 10:16 p.m.•3 views

CVE-2026-5778

6.5CVSS0.00225EPSS