CVE-2026-5448 LOW

CVE-2026-5448: 1-2 Byte Buffer Overflow in wolfSSL_X509_notAfter/notBefore

Vendor wolfSSL
Product wolfSSL
Weakness CWE-122
Published April 9, 2026
Last update April 10, 2026

CVSS base score

2.3/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/U:Green

What the vulnerability does

01 Description

X.509 date buffer overflow in wolfSSL_X509_notAfter / wolfSSL_X509_notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. It is triggered only when an application calls these two APIs directly, and it does not affect TLS or certificate verification operations in wolfSSL.

Key dates

02 Disclosure timeline

April 9, 2026 CVE published
April 10, 2026 Record updated