Critical severity9.8NVD Advisory· Published Mar 19, 2026· Updated Apr 29, 2026

CVE-2026-3548

Description

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs, either of these out of bound writes could be triggered. Note this only affects builds that specifically enable CRL support, and the user would need to load a CRL from an untrusted source.

Affected products

WolfSSL/Wolfssl
cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*
Range: <5.9.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/wolfSSL/wolfssl/pull/9628/nvdIssue TrackingPatch
github.com/wolfSSL/wolfssl/pull/9873/nvdExploitIssue TrackingPatch

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000