CVE-2026-5393

Summary

Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when –enable-experimental and –enable-dual-alg-certs is used when building wolfSSL.

Affected Software

VendorProductVersion RangeStatus
wolfSSLwolfSSL0 < 5.9.1affected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References