
CVE-2026-4395

Published 19/03/2026 21:17 · Modified 20/03/2026 13:39

Labels: CVE-2026-4395 · 2026-03-19 · CWE-122 · [email protected]

Essential information

Published
19/03/2026 21:17
Modified
20/03/2026 13:39
CVSS
1.3 LOW (v3.x) · 1.3 LOW (v4.0)
CISA KEV
No
CWE
CWE-122 (Heap-based Buffer Overflow)

Description

Heap-based buffer overflow in the KCAPI ECC code path of wc_ecc_import_x963_ex() in wolfSSL wolfcrypt. When the library is built with WOLFSSL_KCAPI_ECC (the Linux Kernel Crypto API backend for ECC), the function copies the supplied X9.63 public key point into key->pubkey_raw, a fixed 132-byte buffer, using XMEMCPY with no check of the input length against that size; the equivalent ATECC code path does validate the length. A remote attacker who supplies a crafted, oversized EC public key point can therefore write attacker-controlled data past the end of pubkey_raw. The overflow is reachable during TLS key exchange: a malicious peer sends the crafted ECPoint in ServerKeyExchange. The unchecked copy is specific to the WOLFSSL_KCAPI_ECC path, so the first thing to check is whether a given wolfSSL build enables that define.
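The pattern behind this CVE, reduced to a standalone C model, is added here as an illustration and is not wolfSSL's code. Only the buffer name pubkey_raw and its 132-byte size come from the description; the struct, function names, error codes and the 0x04 uncompressed-point check are assumptions. The unchecked variant shows the bug (an input length copied straight into a fixed buffer); the checked variant adds the length validation the ATECC path is described as having.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model; everything except pubkey_raw and its size is assumed. */
#define PUBKEY_RAW_SIZE 132
#define ERR_BAD_ARG (-1)   /* stand-in for a "bad function argument" error */
#define ERR_BUFFER  (-2)   /* stand-in for a "buffer too small" error */

typedef struct {
    unsigned char pubkey_raw[PUBKEY_RAW_SIZE];  /* fixed 132-byte copy of the point */
    size_t pubkey_raw_len;
} model_ecc_key;

/* VULNERABLE (modelled): inLen is trusted and copied without comparing it to
 * sizeof(pubkey_raw). With inLen > 132 this writes past the buffer, which is
 * the heap overflow in the advisory. Never feed it an untrusted length. */
int import_x963_unchecked(model_ecc_key *key, const unsigned char *in, size_t inLen)
{
    if (key == NULL || in == NULL)
        return ERR_BAD_ARG;
    memcpy(key->pubkey_raw, in, inLen);     /* no bounds check: the bug */
    key->pubkey_raw_len = inLen;
    return 0;
}

/* HARDENED (modelled): refuse any input the buffer cannot hold, and require
 * the X9.63 uncompressed form 0x04 || X || Y, so the length is odd and >= 3. */
int import_x963_checked(model_ecc_key *key, const unsigned char *in, size_t inLen)
{
    if (key == NULL || in == NULL || inLen < 3)
        return ERR_BAD_ARG;
    if (inLen > sizeof(key->pubkey_raw))
        return ERR_BUFFER;                  /* the check the KCAPI path lacked */
    if (in[0] != 0x04 || (inLen - 1) % 2 != 0)
        return ERR_BAD_ARG;                 /* not an uncompressed point */
    memcpy(key->pubkey_raw, in, inLen);
    key->pubkey_raw_len = inLen;
    return 0;
}

/* Builds a constructed uncompressed point with coordBytes-sized coordinates
 * (filler bytes, not a real curve point). Returns the encoded length, 0 if
 * out is too small. coordBytes = 32 gives a P-256-sized 65-byte point. */
size_t make_point(unsigned char *out, size_t outLen, size_t coordBytes)
{
    size_t need = 1 + 2 * coordBytes;
    if (outLen < need)
        return 0;
    out[0] = 0x04;
    memset(out + 1, 0xAB, need - 1);
    return need;
}

/* Runs the scenario end to end; returns 0 when the checked importer accepts a
 * P-256-sized point and rejects a point larger than pubkey_raw. */
int demo_oversized_point_rejected(void)
{
    model_ecc_key key;
    unsigned char buf[256];
    size_t ok_len  = make_point(buf, sizeof buf, 32);   /* 65 bytes  */
    if (import_x963_checked(&key, buf, ok_len) != 0)
        return 1;
    size_t big_len = make_point(buf, sizeof buf, 100);  /* 201 bytes */
    if (import_x963_checked(&key, buf, big_len) != ERR_BUFFER)
        return 2;
    return 0;
}

int main(void)
{
    printf("checked importer result: %d\n", demo_oversized_point_rejected());
    return 0;
}
```

The unchecked function is kept only to make the missing comparison visible; the test never calls it with an oversized length, because that would be undefined behaviour in the model exactly as it is in the real code.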

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]

Affected products (CPE)

Product | CPE
wolfssl / wolfcrypt | cpe:2.3:a:wolfssl:wolfcrypt:*:*:*:*:*:*:*:*

References