CVE Catalog

CVE-2026-6681

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.26%

17th percentile — higher than 17% of all known CVEs

Summary

In the PKCS#7 decode path of the wolfSSL library, the caller-supplied output buffer size (outputSz) is ignored, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL version 5.9.0 and earlier, and was fixed in release 5.9.1.

Risk Assessment

An attacker could exploit this vulnerability to cause a buffer overflow, potentially leading to application crashes, data corruption, or remote code execution in the context of the process using the wolfSSL library.

Recommendation

Immediately update the wolfSSL library to version 5.9.1 or later, which includes a fix for this vulnerability.

Original NVD description (English source)

The PKCS#7 decode path ignores the caller-supplied output buffer size (outputSz), allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS