Lucene search
K

7 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/25 7:38 p.m.5 views

CVE-2026-11310

X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra OPENSSLEXTRA and whose application validates certificates by calling X509verifycert with caller-supplied untrusted intermediate certificates; for...

8.7CVSS5.9AI score0.00145EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/03/19 6:51 p.m.3 views

Heap-based Buffer Overflow

Overview wolfssl is a Python module that encapsulates wolfSSL's C SSL/TLS library. Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the wolfSSLd2iSSLSESSION function when deserializing session data with the SESSIONCERTS option enabled. An attacker can corrupt heap...

8.1CVSS6.2AI score0.00123EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/19 6:51 p.m.2 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the wolfSSLd2iSSLSESSION function when deserializing session data with the SESSIONCERTS option enabled. An attacker can corrupt heap memory and potentially execute arbitrary code or cause a crash by supplyi...

8.1CVSS6.2AI score0.00123EPSS
Exploits0References2
NVD
NVD
added 2026/03/19 6:16 p.m.2 views

CVE-2026-2646

A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSLd2iSSLSESSION function. When deserializing session data with SESSIONCERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, allowing an attacker to overflow fixed-size buffers and...

8.1CVSS0.00123EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/03/19 6:16 p.m.3 views

CVE-2026-2646

A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSLd2iSSLSESSION function. When deserializing session data with SESSIONCERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, allowing an attacker to overflow fixed-size buffers and...

8.1CVSS5.8AI score0.00123EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/19 5:25 p.m.22 views

CVE-2026-2646 Heap buffer overflow in session parsing with wolfSSL_d2i_SSL_SESSION() function

A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSLd2iSSLSESSION function. When deserializing session data with SESSIONCERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, allowing an attacker to overflow fixed-size buffers and...

5.8CVSS0.00123EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/03/19 5:25 p.m.7 views

CVE-2026-2646

A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSLd2iSSLSESSION function. When deserializing session data with SESSIONCERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, allowing an attacker to overflow fixed-size buffers and...

8.1CVSS5.3AI score0.00123EPSS
Exploits0
Rows per page
Query Builder