PT-2026-52527 · Wolfssl · Wolfssl

Published

2026-06-25

Updated

2026-06-25

CVE-2026-55967

CVSS v4.0

2.0

Low

Vector

AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

AES-GCM encryption/decryption with extremely large cumulative single message sizes (>64 GiB) were not properly rejected by the streaming APIs, allowing counter wrap, keystream reuse, and consequent plaintext recovery.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-323

Related Identifiers

CVE-2026-55967

Affected Products

Wolfssl

PT-2026-52527 · Wolfssl · Wolfssl

CVE-2026-55967

Weakness Enumeration

Related Identifiers

Affected Products

References · 3