CVE-2026-6679

UNKNOWN 0.0

DTLS 1.3 ACK serialization heap buffer overflow via integer truncation

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due to an integer truncation when computing the length of the ACK record-number list, causing an undersized buffer to be allocated and then overrun. This affects builds using DTLS 1.3 and wolfSSL version 5.9.0 and earlier. A fix was added to the 5.9.1 release.

CWE	CWE-787 CWE-190 CWE-197
Vendor	wolfssl
Product	wolfssl
Published	Jun 25, 2026

Stay Ahead of the Next One

Get instant alerts for wolfssl wolfssl

Be the first to know when new unknown vulnerabilities affecting wolfssl wolfssl are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

wolfSSL / wolfSSL

5.4.0 ≤ 5.9.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/wolfSSL/wolfssl/pull/10116 wolfssl.com: https://www.wolfssl.com/docs/security-vulnerabilities/

Credits

Nicholas Carlini from Anthropic