CVE-2026-6681 - CERT CVE
ID CVE-2026-6681
Sažetak The PKCS#7 decode path ignores the caller-supplied output buffer size (outputSz), allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release.
Reference
CVSS
Base: 5.3
Impact: 1.4
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE LOW NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Zadnje važnije ažuriranje 27-06-2026 - 20:02
Objavljeno 25-06-2026 - 21:16