CVE-2026-2646 | wolfSSL up to 5.8.4 Session wolfSSL_d2i_SSL_SESSION heap-based overflow

March 19, 2026 Yanac

A vulnerability, which was classified as critical, was found in wolfSSL up to 5.8.4. This affects the function wolfSSL_d2i_SSL_SESSION of the component Session Handler. The manipulation results in heap-based buffer overflow.

This vulnerability was named CVE-2026-2646. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More