CVE-2026-5392

UNKNOWN View on NVD ↗

Description

Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7_VerifySignedData().

References

https://github.com/wolfssl/wolfssl/pull/10039

Published: Apr 10, 2026 00:16 UTC Modified: Apr 10, 2026 00:16 UTC