CVE-2026-5187 — Vulnetix

CVE-2026-5187 PUBLISHED CVSS 2.299999952316284 LOW

Two potential heap out-of-bounds write locations existed in DecodeObjectId() in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot before writing two OID arc values (out[0] and out[1]), enabling a 2-byte out-of-bounds write when outSz equals 1. Second, multiple callers pass sizeof(decOid) (64 bytes on 64-bit platforms) instead of the element count MAX_OID_SZ (32), causing the function to accept crafted OIDs with 33 or more arcs that write past the end of the allocated buffer.

EPSS 0.05% · 17.4th percentile

Risk Scores

CVSS v4.0

2.299999952316284

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

EPSS Score

0.05%

17.4th percentile

Affected Products

Vendor	Product	Versions
wolfSSL	wolfSSL	0

Timeline

Apr 9, 2026 CVE Published
Apr 10, 2026 EPSS Score
Apr 10, 2026 Security Advisory
Apr 14, 2026 CVE Updated
May 18, 2026 EPSS Score
May 19, 2026 EPSS Score
May 20, 2026 EPSS Score
May 21, 2026 EPSS Score
May 22, 2026 EPSS Score
May 23, 2026 EPSS Score
May 24, 2026 EPSS Score
May 25, 2026 EPSS Score

References

wolfSSL GitHub Repository url
https://nvd.nist.gov/vuln/detail/CVE-2026-5187 advisory

Open in Interactive Console →