NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-6681

Summary	The PKCS#7 decode path ignores the caller-supplied output buffer size (outputSz), allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release.
Publication Date	June 26, 2026, 6:16 a.m.
Registration Date	June 27, 2026, 4:31 a.m.
Last Update	June 26, 2026, 11:17 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/wolfSSL/wolfssl/pull/10116	facts@wolfssl.com
2	https://www.wolfssl.com/docs/security-vulnerabilities/	facts@wolfssl.com

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-120	古典的バッファオーバーフロー	https://cwe.mitre.org/data/definitions/120.html
2	CWE-787	境界外書き込み	https://cwe.mitre.org/data/definitions/787.html