CVE-2026-5264 · PATCHED
wolfssl · wolfssl

DTLS 1.3 ACK heap buffer overflow

Description

Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow.

Affected Products

Vendor: wolfssl
Product: wolfssl
Versions: 0, 5.9.0

References

  • https://github.com/wolfssl/wolfssl/pull/10076

Related News (1 article)

VulDB · Tier C · 4h ago
CVE-2026-5264 | wolfSSL up to 5.9.0 DTLS heap-based overflow
→ No new info (linked only)

CISA KEV: No
Actively exploited: No
Patch available: 5.9.1
CWE: CWE-122
Published: Apr 9, 2026
Last enriched: 4h ago (v2)
Tags: CVE-2026-5264
Trending Score: 30
Source articles: 1
Independent: 1
Info Completeness: 8/14
Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Related CVEs (5)

  • CVE-2026-5447 (CRITICAL, EXP): Heap buffer overflow in CertFromX509() via AuthorityKeyIdentifier. Trending: 49
  • CVE-2026-5194 (CRITICAL, EXP): wolfSSL ECDSA Certificate Verification. Trending: 49
  • CVE-2026-5501 (CRITICAL, EXP): Improper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf Certificates. Trending: 49
  • CVE-2026-5477 (CRITICAL, EXP): Prefix-substitution forgery via integer overflow in wolfCrypt CMAC. Trending: 49
  • CVE-2026-5503 (CRITICAL, EXP): out-of-bounds write in TLSX_EchChangeSNI via attacker-controlled publicName. Trending: 49

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

  • Apr 9, 2026: CVE Published
  • Apr 9, 2026: Discovered by ZDM
  • Apr 9, 2026: Patch Available
  • Apr 10, 2026: Updated: affectedVersions, severity, tags

Version History

v2 · Tier C · 4h ago · via VulDB

Updated affected versions to 5.9.0, changed severity to CRITICAL, and added CVE-2026-5264 tag.

Fields: affectedVersions, severity, tags

v1 · 11h ago

Initial creation