CVE-2026-5187

Name of the Vulnerable Software and Affected Versions wolfcrypt (affected versions not specified)

Description Two potential heap out-of-bounds write locations existed in the DecodeObjectId() function within wolfcrypt/src/asn.c. The first issue arises because a bounds check validates only one available slot before writing two OID arc values, potentially causing a 2-byte out-of-bounds write when the output size (outSz) is equal to 1. The second issue occurs when callers pass sizeof(decOid) (64 bytes on 64-bit platforms) instead of the element count MAX OID SZ (32), allowing the function to accept crafted OIDs with 33 or more arcs, leading to a write past the end of the allocated buffer.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.