CVE-2026-5188

UNKNOWN 0.0

Integer underflow in X.509 SAN parsing in wolfSSL

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

8th

An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name (SAN) extension of X.509 certificates. A malformed certificate can specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This results in incorrect handling of certificate data. The issue is limited to configurations using the original ASN.1 parsing implementation which is off by default.

CWE	CWE-191
Vendor	wolfssl
Product	wolfssl
Published	Apr 10, 2026
Last Updated	Apr 10, 2026

Stay Ahead of the Next One

Get instant alerts for wolfssl wolfssl

Be the first to know when new unknown vulnerabilities affecting wolfssl wolfssl are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

wolfSSL / wolfSSL

0 ≤ 5.9.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/wolfSSL/wolfssl/pull/10024

Credits

Discovered by Muhammad Arya Arjuna Habibullah