CVE-2026-5460

UNKNOWN 0.0

Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.3

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

13th

A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography (PQC) hybrid KeyShare processing. In the error handling path of TLSX_KeyShare_ProcessPqcHybridClient() in src/tls.c, the inner function TLSX_KeyShare_ProcessPqcClient_ex() frees a KyberKey object upon encountering an error. The caller then invokes TLSX_KeyShare_FreeAll(), which attempts to call ForceZero() on the already-freed KyberKey, resulting in writes of zero bytes over freed heap memory.

CWE	CWE-416
Vendor	wolfssl
Product	wolfssl
Published	Apr 9, 2026
Last Updated	Apr 10, 2026

Stay Ahead of the Next One

Get instant alerts for wolfssl wolfssl

Be the first to know when new unknown vulnerabilities affecting wolfssl wolfssl are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

wolfSSL / wolfSSL

0 < 5.9.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/wolfssl/wolfssl/pull/10092

Credits

Calvin Young (eWalker Consulting Inc.) Enoch Chow (Isomorph Cyber)