CVE-2026-2646
Status: Received - Intake
Heap Buffer Overflow in wolfSSL_d2i_SSL_SESSION() Allows Memory Corruption

Publication date: 2026-03-19

Last updated on: 2026-04-29

Assigner: wolfSSL Inc.

Description
A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSL_d2i_SSL_SESSION() function. When deserializing session data with SESSION_CERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, allowing an attacker to overflow fixed-size buffers and corrupt heap memory. A maliciously crafted session would need to be loaded from an external source to trigger this vulnerability. Internal sessions were not vulnerable.
Meta Information
Generated: 2026-06-16
AI Q&A: 2026-03-19
EPSS evaluated: 2026-06-15
Also tracked in: NVD, EUVD
Affected Vendors & Products
Vendor: wolfssl
Product: wolfssl
Version / Range: up to 5.9.0 (excluding)
CWE
CWE-787: The product writes data past the end, or before the beginning, of the intended buffer.
CWE-122: A heap overflow condition is a buffer overflow where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Executive Summary

This vulnerability is a heap-buffer-overflow in the wolfSSL library's function wolfSSL_d2i_SSL_SESSION(). It occurs when deserializing SSL session data with SESSION_CERTS enabled. The function reads certificate and session ID lengths from untrusted input without proper bounds checking, which allows an attacker to overflow fixed-size buffers and corrupt heap memory.

To exploit this, a maliciously crafted session must be loaded from an external source. Internal sessions are not vulnerable.

Impact Analysis

This vulnerability can lead to heap memory corruption due to buffer overflow when processing maliciously crafted SSL session data. Such memory corruption can cause undefined behavior including crashes, denial of service, or potentially allow an attacker to execute arbitrary code or escalate privileges within the affected system.

Mitigation Strategies

To mitigate the CVE-2026-2646 vulnerability, you should update wolfSSL to version 5.9.0 or later, which includes patches that add explicit bounds checks on length fields in the wolfSSL_d2i_SSL_SESSION function.

  • Ensure that your wolfSSL library is upgraded to at least version 5.9.0 where the fix has been merged.
  • Avoid loading SSL session data from external or untrusted sources until the update is applied.

These steps prevent buffer overflow by validating session certificate and session ID lengths before copying data into fixed-size buffers.
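The unchecked-length-to-fixed-buffer pattern that the description and the mitigation refer to, shown as an added illustration that is not wolfSSL's code: the record layout, field sizes, struct and function names below are constructed for this example and do not match wolfSSL's actual session serialization format.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Constructed record layout for this example, NOT wolfSSL's real session
 * format: [1 byte id_len][id bytes][2 byte cert_len, big-endian][cert bytes] */
#define MAX_ID_LEN   32
#define MAX_CERT_LEN 256

typedef struct {
    uint8_t  id[MAX_ID_LEN];
    uint8_t  id_len;
    uint8_t  cert[MAX_CERT_LEN];
    uint16_t cert_len;
} session_t;
/* Vulnerable pattern (CWE-787/CWE-122): lengths taken from the input drive
 * memcpy into fixed-size fields without being compared to their capacity or
 * to the bytes actually available. Shown for contrast only. */
int parse_session_unchecked(const uint8_t *in, size_t in_len, session_t *out)
{
    size_t pos = 0;
    (void)in_len;                                   /* never consulted */
    out->id_len = in[pos++];
    memcpy(out->id, in + pos, out->id_len);         /* overflows if > 32 */
    pos += out->id_len;
    out->cert_len = (uint16_t)((in[pos] << 8) | in[pos + 1]);
    pos += 2;
    memcpy(out->cert, in + pos, out->cert_len);     /* overflows if > 256 */
    return 0;
}

/* Hardened form: each length is checked against the destination capacity and
 * the remaining input before any copy. Returns 0 on success, -1 on bad input. */
int parse_session_checked(const uint8_t *in, size_t in_len, session_t *out)
{
    size_t pos = 0;
    if (in_len < 1) return -1;
    uint8_t id_len = in[pos++];
    if (id_len > MAX_ID_LEN || id_len > in_len - pos) return -1;
    memcpy(out->id, in + pos, id_len);
    out->id_len = id_len;
    pos += id_len;
    if (in_len - pos < 2) return -1;
    uint16_t cert_len = (uint16_t)((in[pos] << 8) | in[pos + 1]);
    pos += 2;
    if (cert_len > MAX_CERT_LEN || cert_len > in_len - pos) return -1;
    memcpy(out->cert, in + pos, cert_len);
    out->cert_len = cert_len;
    return (pos + cert_len == in_len) ? 0 : -1;     /* reject trailing bytes */
}
```

The checked parser rejects a record whose claimed length exceeds either the destination field or the bytes remaining in the input, which is the class of check the 5.9.0 fix is described as adding.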
