1-byte OOB heap read in wcPKCS7DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wcPKCS7DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted content. Note that PKCS7 support is disabled by default.
{
"sources": [
{
"url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-4159",
"html_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4159",
"modified": "2026-06-17T10:56:05.030Z",
"id": "CVE-2026-4159",
"imported": "2026-07-17T22:29:08.748Z",
"published": "2026-03-19T22:16:42.993Z",
"database_specific": {
"status": "Analyzed"
}
},
{
"url": "https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2026-13233",
"html_url": "https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-13233",
"published": "2026-03-19T21:17:46Z",
"imported": "2026-07-17T22:29:18.544Z",
"id": "EUVD-2026-13233",
"modified": "2026-03-20T16:29:05Z"
}
],
"license": "CC-BY-4.0"
}