Integer Underflow in wolfSSL Packet Sniffer Affects Security of TLS Decryption
CVE-2026-5778

2.1 LOW

Key Information:

Vendor

wolfSSL

Status
Vendor
CVE Published: 9 April 2026

What is CVE-2026-5778?

An integer underflow vulnerability has been identified in the wolfSSL packet sniffer, affecting versions up to 5.9.0. An unauthenticated attacker can inject TLS records that are shorter than the expected initialization vector and authentication tag into the traffic the sniffer decrypts. The underflow then produces an oversized out-of-bounds read, which can crash the program. The flaw can be exploited remotely and puts at risk applications that use the affected versions of wolfSSL for TLS decryption.
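The bug class described above, as an added example that is not wolfSSL's code: an unsigned length subtraction with no lower bound, beside a parser that rejects short records before subtracting. The function names and the 8-byte IV and 16-byte tag sizes (AES-GCM in TLS 1.2) are assumptions for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define REC_HDR_SZ     5u   /* type(1) + version(2) + length(2) */
#define EXPLICIT_IV_SZ 8u   /* assumed: AES-GCM explicit nonce in TLS 1.2 */
#define AEAD_TAG_SZ    16u  /* assumed: AES-GCM authentication tag */

/* Unsafe pattern: unsigned subtraction with no lower bound on rec_len.
 * Any rec_len below 24 wraps to a value close to UINT32_MAX. */
static uint32_t ct_len_unchecked(uint32_t rec_len)
{
    return rec_len - EXPLICIT_IV_SZ - AEAD_TAG_SZ;
}

/* Hardened pattern: validate the record against the captured bytes and
 * against IV + tag before subtracting. Returns 0 on success, -1 on reject. */
static int split_aead_record(const uint8_t *buf, size_t buf_len,
                             const uint8_t **ct, size_t *ct_len)
{
    size_t rec_len;

    if (buf == NULL || buf_len < REC_HDR_SZ)
        return -1;                               /* no complete header */
    rec_len = ((size_t)buf[3] << 8) | buf[4];    /* big-endian length field */
    if (rec_len > buf_len - REC_HDR_SZ)
        return -1;                               /* record runs past capture */
    if (rec_len < EXPLICIT_IV_SZ + AEAD_TAG_SZ)
        return -1;                               /* too short for IV + tag */
    *ct = buf + REC_HDR_SZ + EXPLICIT_IV_SZ;
    *ct_len = rec_len - EXPLICIT_IV_SZ - AEAD_TAG_SZ;
    return 0;
}

int main(void)
{
    /* Constructed sample: application-data record declaring a 10-byte body. */
    uint8_t short_rec[REC_HDR_SZ + 10] = { 0x17, 0x03, 0x03, 0x00, 0x0A };
    const uint8_t *ct;
    size_t n;

    printf("unchecked length for 10-byte record: %u\n",
           (unsigned)ct_len_unchecked(10));
    printf("checked parser result: %d\n",
           split_aead_record(short_rec, sizeof short_rec, &ct, &n));
    return 0;
}
```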

Affected Version(s)

wolfSSL 0 <= 5.9.0

CVSS V4

Score: 2.1
Severity: LOW
Confidentiality: None
Integrity: None
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Zou Dikai