CVE-2026-0819

Source
https://cve.org/CVERecord?id=CVE-2026-0819
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-0819.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-0819
Downstream
Published
2026-03-19T16:54:33.442Z
Modified
2026-07-16T03:48:10.712614159Z
Severity
  • 2.2 (Low) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U CVSS Calculator
Summary
Stack buffer overflow in PKCS7 SignedData encoding with custom signed attributes
Details

A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wcPKCS7BuildSignedAttributes(), when adding custom signed attributes, the code passes an incorrect capacity value (esd->signedAttribsCount) to EncodeAttributes() instead of the remaining available space in the fixed-size signedAttribs[7] array. When an application sets pkcs7->signedAttribsSz to a value greater than MAXSIGNEDATTRIBSSZ (default 7) minus the number of default attributes already added, EncodeAttributes() writes beyond the array bounds, causing stack memory corruption. In WOLFSSLSMALLSTACK builds, this becomes heap corruption. Exploitation requires an application that allows untrusted input to control the signedAttribs array size when calling wcPKCS7_EncodeSignedData() or related signing functions.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/0xxx/CVE-2026-0819.json",
    "cwe_ids": [
        "CWE-121",
        "CWE-787"
    ],
    "cna_assigner": "wolfSSL"
}
References

Affected packages

Git / github.com/wolfssl/wolfssl

Affected ranges

Type
GIT
Repo
https://github.com/wolfssl/wolfssl
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "5.5.0"
        },
        {
            "fixed": "5.9.0"
        }
    ],
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE"
    ],
    "cpe": "cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"
}

Affected versions

v5.*
v5.2.1
v5.5.0-stable
v5.5.1-stable
v5.5.2-stable
v5.5.3-stable
v5.5.4-stable
v5.6.0-stable
v5.6.2-stable
v5.6.3-stable
v5.6.4-stable
v5.6.6-stable
v5.7.0-stable
v5.7.2-stable
v5.7.4-stable
v5.7.6-stable
v5.8.0-stable
v5.8.2-stable
v5.8.4-stable
Other
wolfEntropy1
wolfEntropy2d

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-0819.json"