Buffer overflow in Wofssl Wolfssl
CVE-2026-3549
Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by def…
Vulnerability class: Buffer Overflow
EPSS: 0.000 (8.2th percentile) — read the EPSS interpretation.
Affected products
- Wofssl Wolfssl — versions 0