Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2026-3849

Опубликовано: 19 мар. 2026
Источник: nvd
CVSS3: 9.8
EPSS Низкий

Описание

Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client program crash. This could be exploited by a malicious TLS server supporting ECH. Note that ECH is off by default, and is only enabled with enable-ech.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*
Версия от 5.6.0 (включая) до 5.9.0 (исключая)

EPSS

Процентиль: 42%
0.00199
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-787

Связанные уязвимости

msrc логотип

CVE-2026-3849

msrc
7 дней назад

Buffer Overflow in HPKE via Oversized ECH Config

debian логотип

CVE-2026-3849

CVSS3: 9.8
debian
12 дней назад

Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Confi ...

github логотип

GHSA-267h-vrw9-53p3

CVSS3: 9.8
github
12 дней назад

Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client program crash. This could be exploited by a malicious TLS server supporting ECH. Note that ECH is off by default, and is only enabled with enable-ech.

EPSS

Процентиль: 42%
0.00199
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-787