CVE-2026-3548CRITICAL 9.8EPSS p37.0%

CVE-2026-3548CVE-2026-3548

Description

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs, either of these out of bound writes could be triggered. Note this only affects builds that specifically enable CRL support, and the user would need to load a CRL from an untrusted source.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.47% probability of exploitation · percentile 37.0% · 2026-06-19T12:03:05Z
Published2026-03-19
Last modified2026-04-29

Underlying weaknesses· 2

CWE-122CWE-787

References

  1. https://github.com/wolfSSL/wolfssl/pull/9628/
  2. https://github.com/wolfSSL/wolfssl/pull/9873/

2

TypeTargetConfidenceTier
WeaknessHeap-based Buffer Overflowcwe-1220%live
WeaknessOut-of-bounds Writecwe-7870%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-2646
CVE
CVE-2026-3549
CVE
CVE-2026-5393
CVE
CVE-2026-5188
CVE
CVE-2026-3849
CVE
CVE-2026-4395
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.