PT-2026-26365 · Wolfssl · Wolfssl

Kunyuk +1 · Published 2026-03-19 · Updated 2026-04-30 · CVE-2026-3229

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

wolfssl (affected versions not specified)

Description

An integer overflow issue was identified in the wolfssl_add_to_chain function, leading to heap corruption when certificate data exceeded the bounds of the certificate buffer. The function is utilized by the following API endpoints: wolfSSL_CTX_add_extra_chain_cert, wolfSSL_CTX_add1_chain_cert, and wolfSSL_add0_chain_cert. This issue is not remotely exploitable and requires a compromise of the application context loading certificates. The issue is triggered when using 3rd party compatibility features: enable-opensslall, enable-opensslextra, enable-lighty, enable-stunnel, enable-nginx, and enable-haproxy.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
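
The class of bug described above, shown as an added example (not wolfSSL's code and not taken from this advisory): unchecked 32-bit size arithmetic wraps when a certificate is appended to a chain buffer, and a checked append rejects such input before any allocation or copy. The chain layout (a 3-byte length before each DER certificate) and the names chain_t, chain_append and unchecked_new_len are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HDR_SZ 3u /* assumed layout: 3-byte big-endian length before each cert */

/* Hypothetical chain buffer: [len24][DER][len24][DER]... (not wolfSSL's type) */
typedef struct { uint8_t *buf; uint32_t len; } chain_t;

/* Unchecked size arithmetic wraps modulo 2^32: a huge cert_sz gives a small
 * allocation size, and a later copy of cert_sz bytes would overrun the heap. */
uint32_t unchecked_new_len(uint32_t chain_len, uint32_t cert_sz)
{
    return chain_len + HDR_SZ + cert_sz;
}

/* Checked append: 0 on success, -1 on bad sizes or allocation failure.
 * The chain is left unchanged on failure. */
int chain_append(chain_t *c, const uint8_t *cert, uint32_t cert_sz)
{
    uint8_t *p;
    uint32_t new_len;
    if (cert == NULL || cert_sz == 0 || cert_sz > 0xFFFFFFu)
        return -1;                       /* must fit the 24-bit length field */
    if (c->len > UINT32_MAX - HDR_SZ - cert_sz)
        return -1;                       /* sum would wrap */
    new_len = c->len + HDR_SZ + cert_sz;
    if ((p = realloc(c->buf, new_len)) == NULL)
        return -1;
    p[c->len]     = (uint8_t)(cert_sz >> 16);
    p[c->len + 1] = (uint8_t)(cert_sz >> 8);
    p[c->len + 2] = (uint8_t)cert_sz;
    memcpy(p + c->len + HDR_SZ, cert, cert_sz);
    c->buf = p;
    c->len = new_len;
    return 0;
}

int main(void)
{
    const uint8_t der[4] = { 0x30, 0x02, 0x05, 0x00 }; /* constructed sample */
    chain_t c = { NULL, 0 };
    printf("wrapped size: %u\n", (unsigned)unchecked_new_len(16, 0xFFFFFFF0u));
    printf("valid append: %d, oversized: %d\n",
           chain_append(&c, der, sizeof der), chain_append(&c, der, 0xFFFFFFF0u));
    free(c.buf);
    return 0;
}
```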

Heap Based Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2026-3229

Affected Products

Wolfssl