Out-of-Bounds Write Vulnerability in Renesas TSIP TLS 1.3 by Renesas
CVE-2026-55958

8.3 HIGH

Key Information:

Vendor: wolfSSL

Status
Vendor
CVE Published: 25 June 2026

What is CVE-2026-55958?

An out-of-bounds write vulnerability exists in the Renesas TSIP TLS 1.3 implementation, specifically within the tsip_StoreMessage() function. A flaw in the capacity check allows heap corruption and potential denial of service when the TLS 1.3 handshake transcript exceeds the size limit. This can occur with unusually large valid certificate chains, or when a malicious server sends oversized messages to a client that does not validate the chain correctly. The issue primarily affects builds using the Renesas TSIP TLS port on compatible microcontrollers.

Affected Version(s)

wolfSSL 5.4.0 <= 5.9.1

CVSS V4

Score: 8.3
Severity: HIGH
Confidentiality: None
Integrity: Low
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

NVIDIA Project Vanessa