Medium severity4.3NVD Advisory· Published Apr 10, 2026· Updated Apr 29, 2026

CVE-2026-5448

Description

X.509 date buffer overflow in wolfSSL_X509_notAfter / wolfSSL_X509_notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. This is only triggered when calling these two APIs directly from an application, and does not affect TLS or certificate verify operations in wolfSSL.

Affected products

WolfSSL/Wolfssl
cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*
Range: <5.9.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/wolfSSL/wolfssl/pull/10071nvdIssue TrackingPatch

News mentions

No linked articles in our index yet.

cvss	0.280
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000