CVE-2026-3549 · CRITICAL 9.8 · EPSS percentile 38.0%

Description

Heap overflow in TLS 1.3 Encrypted Client Hello (ECH) parsing. An integer underflow in the ECH extension parsing logic, when calculating a buffer length, resulted in a write beyond the bounds of an allocated heap buffer. Note that in wolfSSL, ECH is off by default, so builds that do not enable ECH do not expose the vulnerable code path; the ECH standard itself is still evolving.
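The bug class described above, as an added example that is not wolfSSL's code and does not reproduce the actual patched routine: a toy parser for a hypothetical ECHClientHello layout (type, kdf_id, aead_id, config_id, a length-prefixed enc, then a length-prefixed payload) shows the unchecked subtraction that wraps a size_t when an attacker-supplied inner length exceeds the extension length, beside a hardened parser that validates every length against the bytes actually remaining. The two byte strings are constructed test vectors, not captured traffic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical ECHClientHello layout used only for this demo (it follows
 * the general shape of the ECH draft's outer extension; it is NOT the
 * wolfSSL structure or parser):
 *   type(1) kdf_id(2) aead_id(2) config_id(1)
 *   enc_len(2) enc[enc_len]  payload_len(2) payload[payload_len]          */
#define ECH_FIXED_HDR 6u   /* type + kdf_id + aead_id + config_id */

typedef struct {
    uint8_t  type;
    uint16_t kdf_id, aead_id;
    uint8_t  config_id;
    const uint8_t *enc;     uint16_t enc_len;
    const uint8_t *payload; uint16_t payload_len;
} ech_hello_t;

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Constructed vectors. ech_good is well-formed; ech_bad claims a 65535-byte
 * enc field inside a 10-byte extension. */
const uint8_t ech_good[] = {
    0x00, 0x00,0x01, 0x00,0x01, 0x2a,   /* outer, HKDF-SHA256, AES-128-GCM, config_id */
    0x00,0x04, 0x01,0x02,0x03,0x04,     /* enc_len = 4, enc                            */
    0x00,0x03, 0xaa,0xbb,0xcc           /* payload_len = 3, payload                    */
};
const uint8_t ech_bad[] = {
    0x00, 0x00,0x01, 0x00,0x01, 0x2a,
    0xff,0xff,                          /* enc_len = 65535, but only 2 bytes follow    */
    0x00,0x00
};

/* VULNERABLE pattern: "bytes left after enc" is computed by subtracting the
 * consumed count from ext_len with unsigned arithmetic and no check that
 * consumed <= ext_len. The returned value is what a naive implementation
 * would hand to a copy into a heap buffer; when it wraps, that copy writes
 * far past the allocation. The copy is deliberately omitted here so the
 * demo is safe to run. */
size_t ech_remaining_unchecked(const uint8_t *ext, size_t ext_len)
{
    uint16_t enc_len;
    if (ext_len < ECH_FIXED_HDR + 2) return 0;       /* enough bytes to read enc_len */
    enc_len = rd16(ext + ECH_FIXED_HDR);
    return ext_len - (ECH_FIXED_HDR + 2 + (size_t)enc_len);   /* underflows on ech_bad */
}

/* HARDENED: each length is compared against the bytes actually remaining
 * (ext_len - off, which cannot underflow because off <= ext_len is kept as
 * an invariant). Returns 0 on success, -1 on any malformed extension. */
int ech_parse_checked(const uint8_t *ext, size_t ext_len, ech_hello_t *out)
{
    size_t off;
    if (ext == NULL || out == NULL) return -1;
    if (ext_len < ECH_FIXED_HDR + 2) return -1;
    out->type      = ext[0];
    out->kdf_id    = rd16(ext + 1);
    out->aead_id   = rd16(ext + 3);
    out->config_id = ext[5];
    off = ECH_FIXED_HDR;
    out->enc_len = rd16(ext + off); off += 2;
    if (out->enc_len > ext_len - off) return -1;     /* enc longer than what is left */
    out->enc = ext + off; off += out->enc_len;
    if (ext_len - off < 2) return -1;                /* no room for payload_len      */
    out->payload_len = rd16(ext + off); off += 2;
    if (out->payload_len > ext_len - off) return -1; /* payload longer than the rest */
    out->payload = ext + off; off += out->payload_len;
    if (off != ext_len) return -1;                   /* trailing bytes are malformed */
    return 0;
}

/* Wrappers that turn each path into a plain return value. */
int ech_accepted(const uint8_t *ext, size_t ext_len)
{
    ech_hello_t h;
    return ech_parse_checked(ext, ext_len, &h) == 0;
}

int ech_good_fields_ok(void)
{
    ech_hello_t h;
    if (ech_parse_checked(ech_good, sizeof ech_good, &h) != 0) return 0;
    return h.type == 0x00 && h.kdf_id == 0x0001 && h.aead_id == 0x0001 &&
           h.config_id == 0x2a && h.enc_len == 4 && h.enc[3] == 0x04 &&
           h.payload_len == 3 && h.payload[2] == 0xcc;
}

int main(void)
{
    size_t n = ech_remaining_unchecked(ech_bad, sizeof ech_bad);
    printf("unchecked: would copy %zu bytes out of a %zu-byte extension\n", n, sizeof ech_bad);
    printf("checked:   good accepted=%d  bad accepted=%d  fields ok=%d\n",
           ech_accepted(ech_good, sizeof ech_good),
           ech_accepted(ech_bad, sizeof ech_bad), ech_good_fields_ok());
    return 0;
}
```

The hardened parser never computes a length by subtraction from an untrusted value; it only ever subtracts a cursor that is already known to lie within the buffer, so the comparison is what gates every advance. That is the general fix for this CWE-122 pattern, whatever the real field layout in a given implementation.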

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.49% probability of exploitation · percentile 38.0% · scored 2026-06-19T12:03:05Z
Published: 2026-03-19
Last modified: 2026-03-26

Underlying weaknesses (1)

CWE-122: Heap-based Buffer Overflow

References

  1. https://github.com/wolfSSL/wolfssl/pull/9817

Type      Target                                Confidence  Tier
Weakness  Heap-based Buffer Overflow (cwe-122)  0%          live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2026-3849
CVE: CVE-2026-3548
CVE: CVE-2026-4395
CVE: CVE-2026-2646
CVE: CVE-2026-5393
CVE: CVE-2026-5188

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.