CVE-2026-3548

CVE Database · CVE-2026-3548

CVE-2026-3548

· CRITICALAnalyzed

CVSS v3.1

9.8

CVSS v4.0

7.2

EPSS

0.47%

Published

Mar 19, 2026

Modified

Apr 29, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs, either of these out of bound writes could be triggered. Note this only affects builds that specifically enable CRL support, and the user would need to load a CRL from an untrusted source.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-122CWE-787CWE-787

Affected Products (1)

wolfssl · wolfssl (up to 5.9.0)vulnerable

References (2)

https://github.com/wolfSSL/wolfssl/pull/9628/

Issue TrackingPatch

https://github.com/wolfSSL/wolfssl/pull/9873/

ExploitIssue TrackingPatch

KEV Catalog EPSS Scores Vendors All CVEs