PT-2026-26327 · Wolfssl · Wolfssl

Leekiyoon-Sec · Published 2026-01-01 · Updated 2026-03-23 · CVE-2026-3548

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: wolfSSL (affected versions not specified)

Description: The software contains buffer overflow issues within its Certificate Revocation List (CRL) parser when processing CRL numbers. A heap-based buffer overflow can occur during the improper storage of CRL numbers as hexadecimal strings. Additionally, a stack-based buffer overflow can be triggered with sufficiently large CRL numbers. These issues are exploitable with crafted CRLs, but only affect builds with CRL support enabled and when loading CRLs from untrusted sources.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
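
Storing a CRL number as a hexadecimal string needs two characters per octet plus a terminator, so the destination must be sized from a bounded octet count. The C code below is an added example of that length check, not wolfSSL code and not the fix for this CVE. The function name, error codes and buffer macro are hypothetical, and the 20-octet limit is the CRLNumber bound from RFC 5280 section 5.2.3.

```c
#include <stddef.h>
#include <stdint.h>

/* RFC 5280 section 5.2.3: CRLNumber values are at most 20 octets. */
#define CRL_NUMBER_MAX_OCTETS 20
/* Two hex digits per octet plus the terminating NUL. */
#define CRL_NUMBER_HEX_SIZE (2 * CRL_NUMBER_MAX_OCTETS + 1)

enum { CRLNUM_OK = 0, CRLNUM_E_ARG = -1, CRLNUM_E_TOO_LONG = -2, CRLNUM_E_BUF = -3 };

/* Hypothetical helper: hex-encode the raw INTEGER content octets of a
 * CRL number into out. Nothing is written unless every check passes. */
int crl_number_to_hex(const uint8_t *num, size_t num_len,
                      char *out, size_t out_cap)
{
    static const char digits[] = "0123456789ABCDEF";
    size_t i;

    if (num == NULL || out == NULL || num_len == 0)
        return CRLNUM_E_ARG;
    /* Reject oversized values before any arithmetic on the length. */
    if (num_len > CRL_NUMBER_MAX_OCTETS)
        return CRLNUM_E_TOO_LONG;
    /* The string is twice the octet count, plus one for the NUL. */
    if (out_cap < 2 * num_len + 1)
        return CRLNUM_E_BUF;

    for (i = 0; i < num_len; i++) {
        out[2 * i]     = digits[num[i] >> 4];
        out[2 * i + 1] = digits[num[i] & 0x0F];
    }
    out[2 * num_len] = '\0';
    return CRLNUM_OK;
}

int main(void)
{
    /* Constructed sample: a 3-octet CRL number. */
    const uint8_t sample[] = { 0x01, 0xA2, 0xFF };
    char hex[CRL_NUMBER_HEX_SIZE];
    return crl_number_to_hex(sample, sizeof sample, hex, sizeof hex);
}
```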

Memory Corruption

Heap Based Buffer Overflow

Weakness Enumeration

Related Identifiers: CVE-2026-3548

Affected Products: Wolfssl