PT-2026-31812 · Libidn2 · Libidn2

Zou Dikai · Published 2026-04-09 · Updated 2026-04-10 · CVE-2026-5772

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions

versions prior to 2.3

Description

A 1-byte stack buffer over-read exists in the MatchDomainName function (src/internal.c) during wildcard hostname validation when the LEFT MOST WILDCARD ONLY flag is active. If a wildcard * exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check, potentially causing a crash.

Recommendations

Update to version 2.3 or later.
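
The bounds check the description says was missing, shown as an added example that is not the library's code: a length-bounded left-most-wildcard matcher that tests the index before it reads the byte after the wildcard's label. The function name, its signature and its matching rules are assumptions made for illustration, and the inputs are constructed.

```c
#include <stddef.h>
#include <stdio.h>

static int lower(char c) { return (c >= 'A' && c <= 'Z') ? c + 32 : c; }

/* Hypothetical matcher (name and semantics are assumptions, not library code).
 * Neither buffer is assumed NUL-terminated: only host[0..host_len) is readable.
 * '*' is honoured only as the whole left-most label of the pattern and stands
 * for exactly one non-empty hostname label. Returns 1 on match, 0 otherwise. */
int match_leftmost_wildcard(const char *pat, size_t pat_len,
                            const char *host, size_t host_len)
{
    size_t p = 0, h = 0;

    if (pat == NULL || host == NULL || host_len == 0)
        return 0;

    if (pat_len >= 2 && pat[0] == '*' && pat[1] == '.') {
        p = 1;                                  /* step over '*' */
        while (h < host_len && host[h] != '.')  /* wildcard eats one label */
            h++;
        /* The over-read pattern is testing host[h] at this point without
         * first checking h: when the label ran to the end of the buffer,
         * h == host_len and host[h] lies one byte past it. */
        if (h == 0 || h == host_len)
            return 0;   /* empty label, or wildcard exhausted the hostname */
    }

    if (pat_len - p != host_len - h)            /* remainders must be same size */
        return 0;
    for (; p < pat_len; p++, h++)               /* both indices stay in bounds */
        if (lower(pat[p]) != lower(host[h]))
            return 0;
    return 1;
}

int main(void)
{
    /* Constructed inputs; the second passes a length that ends inside the
     * literal, so the byte just past the "buffer" is a '.', the worst case. */
    printf("%d\n", match_leftmost_wildcard("*.example.com", 13, "www.example.com", 15));
    printf("%d\n", match_leftmost_wildcard("*.example.com", 13, "www.example.com", 3));
    return 0;
}
```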

Fix

Buffer Over-read

Weakness Enumeration

Related Identifiers

CVE-2026-5772

Affected Products

Libidn2