CVE-2026-4159 — Out-of-bounds Read in Wolfssl

CWE-125 — Out-of-bounds Read21 documents6 sources

Severity

1.2LOWNVD

EPSS

0.0%

top 95.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wolfssl Debian Wolfssl Msrc Azl3 Mariadb 10.11.16-1 ON Azure Linux 3.0 +1 more

Timeline

PublishedMar 19

Latest updateMar 20

Description

1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wc_PKCS7_DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted content. Note that PKCS7 support is disabled by default.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Packages5 packages

▶debiandebian/wolfssl< wolfssl 5.9.0-0.1 (forky)

▶CVEListV5wolfssl/wolfssl< 5.9.0

▶Debianwolfssl/wolfssl< 5.9.0-0.1

▶msrcmsrc/cbl2_mariadb_10.6.24-1_on_cbl_mariner_2.0

▶msrcmsrc/azl3_mariadb_10.11.16-1_on_azure_linux_3.0

🔴Vulnerability Details

GHSA

GHSA-m9r6-9wmx-24jv: 1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content↗2026-03-20

▶

OSV

CVE-2026-4159: 1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content↗2026-03-19

▶

📋Vendor Advisories

Microsoft

wc_PKCS7_DecodeEnvelopedData 1 byte out-of-bounds read↗2026-03-10

▶

Debian

CVE-2026-4159: wolfssl - 1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted c...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-4395 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-3580 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-3549 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-0819 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-3229 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶