PT-2026-31813 · Wolfssl · Wolfssl

Zou Dikai · Published 2026-04-09 · Updated 2026-04-10 · CVE-2026-5778

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions
wolfSSL versions 5.9.0 and earlier

Description
An integer underflow in the packet sniffer component of wolfSSL versions 5.9.0 and earlier can lead to a program crash. This occurs in the AEAD decryption path when processing malformed TLS Application Data records. Specifically, injecting a TLS record shorter than the expected length can trigger the underflow, resulting in a large out-of-bounds read during AEAD decryption. This can be exploited remotely by an unauthenticated attacker.

Recommendations
Update wolfSSL to a version later than 5.9.0.
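
The length arithmetic behind this class of bug, as an added C example (not wolfSSL's code and not taken from the advisory): it contrasts an unchecked payload-length subtraction with a bounds-checked one. The 8-byte explicit nonce and 16-byte tag (the TLS 1.2 AES-GCM record layout) and all function names are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed overheads for illustration (TLS 1.2 AES-GCM layout):
 * 8-byte explicit nonce before the ciphertext, 16-byte tag after it. */
#define EXPLICIT_NONCE_LEN 8u
#define AEAD_TAG_LEN       16u

/* Unchecked pattern: unsigned subtraction wraps when the record is short. */
static uint32_t plaintext_len_unchecked(uint16_t record_len)
{
    return (uint32_t)record_len - EXPLICIT_NONCE_LEN - AEAD_TAG_LEN;
}

/* Checked pattern: reject records that cannot hold nonce + tag, and
 * records longer than the bytes actually captured. Returns 0 on success. */
static int plaintext_len_checked(uint16_t record_len, size_t captured,
                                 uint32_t *out_len)
{
    const uint32_t overhead = EXPLICIT_NONCE_LEN + AEAD_TAG_LEN;
    if (record_len < overhead)
        return -1;              /* too short: subtraction would underflow */
    if ((size_t)record_len > captured)
        return -2;              /* header claims more bytes than we hold */
    *out_len = (uint32_t)record_len - overhead;
    return 0;
}

int main(void)
{
    /* Constructed sample lengths: one well-formed, one truncated record. */
    const uint16_t samples[] = { 64, 10 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint32_t n = 0;
        int rc = plaintext_len_checked(samples[i], samples[i], &n);
        printf("record_len=%u unchecked=%u checked rc=%d len=%u\n",
               (unsigned)samples[i],
               (unsigned)plaintext_len_unchecked(samples[i]), rc, (unsigned)n);
    }
    return 0;
}
```

For the 10-byte record the unchecked result wraps to a value near 4 GiB, which is the kind of length that turns a decrypt call into a large out-of-bounds read.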

Fix · DoS · Integer Underflow

Weakness Enumeration

Related Identifiers: CVE-2026-5778

Affected Products: Wolfssl