Buffer Overflow Vulnerabilities in wolfSSL CRL Parser by wolfSSL
CVE-2026-3548

7.2HIGH

Key Information:

Vendor: Wolfssl
Status: Wolfssl
Vendor: CVE Published:; 19 March 2026

What is CVE-2026-3548?

Two buffer overflow vulnerabilities were identified in the wolfSSL CRL parser, specifically related to CRL number parsing. A heap-based overflow can occur when a CRL number is improperly stored as a hexadecimal string, leading to potential out-of-bounds memory access. Additionally, a stack-based overflow may arise for certain large CRL numbers. These vulnerabilities are triggered when loading CRL files from untrusted sources, and they only affect builds where CRL support is enabled.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

wolfSSL MacOS 0 < 5.9.0

References

https://github.com/wolfSSL/wolfssl/pull/9628/

https://github.com/wolfSSL/wolfssl/pull/9873/

CVSS V4

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 19, 2026
Vulnerability Reserved
Mar 4, 2026

JSON

Wolfssl

What is CVE-2026-3548?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.