—

CVE-2026-5264PATCHED

wolfssl · wolfssl

DTLS 1.3 ACK heap buffer overflow

Description

Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow.

Affected Products

Vendor	Product	Versions
wolfssl	wolfssl	0, 5.9.0

References

https://github.com/wolfssl/wolfssl/pull/10076

Related News (1 articles)

Tier C

VulDB3h ago

CVE-2026-5264 | wolfSSL up to 5.9.0 DTLS heap-based overflow

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

Patch available

5.9.1

CWECWE-122

PublishedApr 9, 2026

Last enriched2h agov2

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-5447EXP

Heap buffer overflow in CertFromX509() via AuthorityKeyIdentifier

Trending: 50

CRITICALCVE-2026-5477EXP

Prefix-substitution forgery via integer overflow in wolfCrypt CMAC

Trending: 50

CRITICALCVE-2026-5263EXP

URI nameConstraints not enforced in ConfirmNameConstraints()

Trending: 50

CRITICALCVE-2026-5446EXP

wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse

Trending: 50

CRITICALCVE-2026-5194EXP

wolfSSL ECDSA Certificate Verification

Trending: 49

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 9, 2026

Discovered by ZDM

Apr 9, 2026

Patch Available

Apr 9, 2026

Updated: affectedVersions, severity, tags

Apr 10, 2026

Version History

Last enriched 2h ago

v2Tier C2h ago

Updated affected versions to 5.9.0, changed severity to CRITICAL, and added CVE-2026-5264 tag.

affectedVersionsseveritytags

via VulDB

v19h ago

Initial creation