exploitDog

CVE-2026-5772

Опубликовано: 09 апр. 2026

Источник: nvd

EPSS Низкий

Описание

A 1-byte stack buffer over-read was identified in the MatchDomainName function (src/internal.c) during wildcard hostname validation when the LEFT_MOST_WILDCARD_ONLY flag is active. If a wildcard * exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check, which could cause a crash.

Ссылки

https://github.com/wolfSSL/wolfssl/pull/10119

EPSS

Процентиль: 13%

0.00042

Низкий

Дефекты

CWE-126

Связанные уязвимости

CVE-2026-5772

ubuntu

5 дней назад

A 1-byte stack buffer over-read was identified in the MatchDomainName function (src/internal.c) during wildcard hostname validation when the LEFT_MOST_WILDCARD_ONLY flag is active. If a wildcard * exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check, which could cause a crash.

CVE-2026-5772

debian

5 дней назад

A 1-byte stack buffer over-read was identified in the MatchDomainName ...

GHSA-6v2v-jgg9-h79w

github

5 дней назад

A 1-byte stack buffer over-read was identified in the MatchDomainName function (src/internal.c) during wildcard hostname validation when the LEFT_MOST_WILDCARD_ONLY flag is active. If a wildcard * exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check, which could cause a crash.

EPSS

Процентиль: 13%

0.00042

Низкий

Дефекты

CWE-126