NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-6679

Summary	A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due to an integer truncation when computing the length of the ACK record-number list, causing an undersized buffer to be allocated and then overrun. This affects builds using DTLS 1.3 and wolfSSL version 5.9.0 and earlier. A fix was added to the 5.9.1 release.
Publication Date	June 26, 2026, 6:16 a.m.
Registration Date	June 27, 2026, 4:31 a.m.
Last Update	June 26, 2026, 11:17 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/wolfSSL/wolfssl/pull/10116	facts@wolfssl.com
2	https://www.wolfssl.com/docs/security-vulnerabilities/	facts@wolfssl.com

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-787	境界外書き込み	https://cwe.mitre.org/data/definitions/787.html
2	CWE-190	整数オーバーフローまたはラップアラウンド	https://cwe.mitre.org/data/definitions/190.html
3	CWE-197	数値打ち切り誤差	https://cwe.mitre.org/data/definitions/197.html