Unrated severityNVD Advisory· Published Jun 26, 2026

Debian wolfssl: Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follo…

CVE-2026-7531

Description

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 (released in 5.9.1): a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory.

Patches

Vulnerability mechanics

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000