Stack Buffer Overflow Vulnerability in wolfSSL's PKCS7 SignedData Encoding Functionality
CVE-2026-0819

2.2 LOW

Key Information:

Vendor

wolfSSL

Status
Vendor
CVE Published:
19 March 2026

What is CVE-2026-0819?

A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. This issue arises in the function wc_PKCS7_BuildSignedAttributes(), where an incorrect capacity value is passed to EncodeAttributes(), allowing for unauthorized memory manipulation. When applications assign a size to pkcs7->signedAttribsSz that exceeds the predefined limit, the EncodeAttributes() call can overwrite adjacent memory, potentially leading to stack memory corruption. In builds optimized for small stacks, this could escalate to heap corruption. Successful exploitation demands that applications permit untrusted input to dictate the size of the signedAttribs array during the invocation of wc_PKCS7_EncodeSignedData() or related signing functionalities.
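The capacity mismatch described above, shown as a small defensive model. This is an added example, not wolfSSL source code: every `model_` name, the `ModelAttrib` type and the limit of 7 are assumptions made for illustration. It shows an encoder whose bounds check depends on the capacity it is given, a builder that derives that capacity from its own stack array, and an application-side check on an untrusted attribute count.

```c
#include <stddef.h>
#include <stdio.h>

/* Assumed limit for this model only; not wolfSSL's actual constant. */
#define MODEL_MAX_ATTRIBS 7

typedef struct { const unsigned char *oid; size_t oidSz; } ModelAttrib;

/* Hypothetical stand-in for an encoder that fills a caller-owned array.
 * Its bounds check is only as good as the capacity the caller passes. */
static int model_encode_attribs(ModelAttrib *out, size_t capacity,
                                const ModelAttrib *in, size_t inCount)
{
    size_t i;
    if (out == NULL || (in == NULL && inCount > 0))
        return -1;
    if (inCount > capacity)          /* reject instead of writing past out[] */
        return -1;
    for (i = 0; i < inCount; i++)
        out[i] = in[i];
    return (int)inCount;
}

/* Hypothetical builder with a fixed-size stack array, as in the description. */
int model_build_signed_attribs(const ModelAttrib *attribs, size_t attribsSz)
{
    ModelAttrib encoded[MODEL_MAX_ATTRIBS];
    /* Capacity is derived from the array itself, never from attribsSz or
     * any other caller-controlled value, so the encoder's check is real. */
    size_t capacity = sizeof(encoded) / sizeof(encoded[0]);
    return model_encode_attribs(encoded, capacity, attribs, attribsSz);
}

/* Application-side guard: bound an untrusted count before it is assigned
 * to a field such as pkcs7->signedAttribsSz. Returns 1 if acceptable. */
int model_attrib_count_ok(size_t untrustedCount)
{
    return untrustedCount <= MODEL_MAX_ATTRIBS;
}

int main(void)
{
    static const unsigned char oid[] = { 0x2A, 0x03 };   /* constructed sample */
    ModelAttrib in[MODEL_MAX_ATTRIBS + 1];
    size_t i;
    for (i = 0; i < MODEL_MAX_ATTRIBS + 1; i++) { in[i].oid = oid; in[i].oidSz = sizeof(oid); }
    printf("at limit: %d\n", model_build_signed_attribs(in, MODEL_MAX_ATTRIBS));
    printf("over limit: %d\n", model_build_signed_attribs(in, MODEL_MAX_ATTRIBS + 1));
    return 0;
}
```

Applications on an affected version that build the signedAttribs array from external input can apply the same kind of count check before calling the signing functions.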

Affected Version(s)

wolfSSL 5.5.0 < 5.9.0

CVSS V4

Score:
2.2
Severity:
LOW
Confidentiality:
None
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Maor Caplan