CVE-2026-5448 | wolfSSL up to 5.9.0 Compatibility Layer API wolfSSL_X509_notAfter/wolfSSL_X509_notBefore Date heap-based overflow

Inserito da Angelo Barbosa | Apr 10, 2026 | CVE

A vulnerability marked as critical has been reported in wolfSSL up to 5.9.0. The impacted element is the function wolfSSL_X509_notAfter/wolfSSL_X509_notBefore of the component Compatibility Layer API. The manipulation of the argument Date leads to heap-based buffer overflow.

This vulnerability is traded as CVE-2026-5448. Access to the local network is required for this attack to succeed. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2026-5448 | wolfSSL up to 5.9.0 Compatibility Layer API wolfSSL_X509_notAfter/wolfSSL_X509_notBefore Date heap-based overflow

Post correlati

CVE-2025-67025 | Anycomment 0.4.4 cross site scripting

CVE-2025-7818 | PHPGurukul Apartment Visitors Management System 1.0 HTTP POST Request /category.php categoryname cross site scripting

CVE-2026-28087 | ThemeREX Filmax Plugin up to 1.1.11 on WordPress filename control

CVE-2013-10049 | Raidsonic IB-NAS5220/IB-NAS4220 Web Interface timeHandler.cgi timeZone os command injection (EDB-24499)