Loading market data...
← Back to CVE feed

CVE-2026-6681

UNKNOWN View on NVD ↗

Description

The PKCS#7 decode path ignores the caller-supplied output buffer size (outputSz), allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release.

Published: Jun 25, 2026 21:16 UTC Modified: Jun 26, 2026 14:17 UTC