CVE-2026-5392

UNKNOWN 0.0

wolfSSL heap OOB read in PKCS7 SignedData streaming

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

3th

Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7_VerifySignedData().

CWE	CWE-125
Vendor	wolfssl
Product	wolfssl
Published	Apr 9, 2026
Last Updated	Apr 10, 2026

Stay Ahead of the Next One

Get instant alerts for wolfssl wolfssl

Be the first to know when new unknown vulnerabilities affecting wolfssl wolfssl are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

wolfSSL / wolfSSL

0 < 5.9.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/wolfssl/wolfssl/pull/10039

Credits

J Laratro (d0sf3t)