exploitDog

CVE-2026-5392

Опубликовано: 10 апр. 2026

Источник: nvd

EPSS Низкий

Описание

Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7_VerifySignedData().

Ссылки

https://github.com/wolfssl/wolfssl/pull/10039

EPSS

Процентиль: 2%

0.00014

Низкий

Дефекты

CWE-125

Связанные уязвимости

CVE-2026-5392

ubuntu

5 дней назад

Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7_VerifySignedData().

CVE-2026-5392

debian

5 дней назад

Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can ...

GHSA-52wm-3mqv-vmmj

github

5 дней назад

Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7_VerifySignedData().

EPSS

Процентиль: 2%

0.00014

Низкий

Дефекты

CWE-125