CVE Catalog

CVE-2026-6325

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

7th percentile — higher than 7% of all known CVEs

Summary

The vulnerability allows an out-of-bounds write in the SetSuitesHashSigAlgo function when processing an oversized signature algorithms list, potentially leading to a buffer overflow.

Risk Assessment

An attacker could exploit this vulnerability to execute arbitrary code remotely or cause a system crash, posing a serious threat to data confidentiality, integrity, and availability.

Recommendation

Apply the patch provided by the vendor immediately and update the software to the latest version that fixes this vulnerability.

Original NVD description (English source)

Out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a write past the bounds of the destination buffer.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS