CVE-2026-2646 MEDIUM

CVE-2026-2646: Heap buffer overflow in session parsing with wolfSSL_d2i_SSL_SESSION() function

Vendor wolfSSL
Product wolfssl
Weakness CWE-122
Published March 19, 2026
Last update March 19, 2026

CVSS base score

5.0/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality Low
Integrity High

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

What the vulnerability does

Description

A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSL_d2i_SSL_SESSION() function. When deserializing session data with SESSION_CERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, allowing an attacker to overflow fixed-size buffers and corrupt heap memory. A maliciously crafted session would need to be loaded from an external source to trigger this vulnerability. Internal sessions were not vulnerable.

Key dates

Disclosure timeline

March 19, 2026 CVE published
March 19, 2026 Record updated