wolfSSL Library: Error Parsing X.509 Certificate Dates

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

2.3

wolfSSL Library: Error Parsing X.509 Certificate Dates

CVE-2026-5448

Summary

A bug in the wolfSSL library can cause a security issue if an attacker creates a specially crafted X.509 certificate. This bug only affects specific direct calls to the library, not regular operations like secure connections. To stay safe, make sure to update to the latest version of wolfSSL.

Original title

Original description

X.509 date buffer overflow in wolfSSL_X509_notAfter / wolfSSL_X509_notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. This is only triggered when calling these two APIs directly from an application, and does not affect TLS or certificate verify operations in wolfSSL.

nvd CVSS4.0 2.3

Vulnerability type

CWE-122 Heap-based Buffer Overflow

https://github.com/wolfSSL/wolfssl/pull/10071

Published: 10 Apr 2026 · Updated: 10 Apr 2026 · First seen: 10 Apr 2026