CVE-2026-3549

CRITICAL

wolfSSL < 5.9.0 - Heap Buffer Overflow in TLS 1.3 ECH Parsing

Title source: manual

Description

Heap buffer overflow in TLS 1.3 Encrypted Client Hello (ECH) parsing. An integer underflow in the ECH extension parsing logic, triggered while calculating a buffer length, produced an oversized length that led to a write beyond the bounds of an allocated heap buffer. Fixed in wolfSSL 5.9.0. Note that ECH is off by default in wolfSSL, so only builds that explicitly enable ECH are affected, and the ECH standard is still evolving.
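The bug class described above, as an added illustration in C that is not wolfSSL's code and does not reproduce its actual code path: a simplified ECH-style extension body (assumed layout: type, cipher suite, config_id, then length-prefixed enc and payload fields) is parsed two ways. The vulnerable helper derives the payload length by subtracting the fixed header, the enc length and the payload prefix from the advertised extension length without first checking that they fit, so the size_t arithmetic wraps to a huge value that a caller would then hand to malloc/memcpy. The hardened parser checks each length against the bytes actually remaining before doing any arithmetic or allocating. The field names, FIXED_HDR, and the sample byte strings are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed, simplified ECH-style extension body used only for this example:
 *   uint8  type;  uint16 kdf_id;  uint16 aead_id;  uint8 config_id;
 *   opaque enc<0..2^16-1>;       2-byte length prefix, then enc bytes
 *   opaque payload<0..2^16-1>;   2-byte length prefix, then payload bytes
 * FIXED_HDR is everything through the enc length prefix (1+2+2+1+2 = 8). */
#define FIXED_HDR 8u

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Vulnerable pattern (illustrative, not wolfSSL code): the payload length is
 * derived by subtraction from the advertised extension length. Nothing checks
 * that ext_len covers the fixed header, enc and the payload prefix, so when it
 * does not, the size_t subtraction underflows to a huge value that a caller
 * would then pass to malloc/memcpy. This helper only returns the computed
 * length and never copies, so it is safe to call on bad input. Callers must
 * supply at least FIXED_HDR bytes so the enc prefix read is in bounds. */
size_t payload_len_vulnerable(const uint8_t *ext, size_t ext_len)
{
    uint16_t enc_len = rd16(ext + 6);
    return ext_len - FIXED_HDR - enc_len - 2;    /* underflows when ext_len is short */
}

/* Hardened parser: every length is checked against the bytes actually
 * remaining before it is used in arithmetic or to size an allocation.
 * Returns 0 and a malloc'd copy of the payload (caller frees), -1 if malformed. */
int parse_payload_hardened(const uint8_t *ext, size_t ext_len,
                           uint8_t **out, size_t *out_len)
{
    size_t off, enc_len, pay_len;
    *out = NULL;
    *out_len = 0;
    if (ext_len < FIXED_HDR)
        return -1;                               /* fixed fields do not fit */
    off = 6;
    enc_len = rd16(ext + off);
    off += 2;
    if (ext_len - off < enc_len)                 /* off <= ext_len here, so no wrap */
        return -1;
    off += enc_len;
    if (ext_len - off < 2)
        return -1;                               /* no room for the payload prefix */
    pay_len = rd16(ext + off);
    off += 2;
    if (ext_len - off != pay_len)                /* payload must use the rest exactly */
        return -1;
    *out = malloc(pay_len ? pay_len : 1);        /* allocate only what will be written */
    if (*out == NULL)
        return -1;
    memcpy(*out, ext + off, pay_len);
    *out_len = pay_len;
    return 0;
}

/* Convenience wrapper: payload length on success, -1 when the input is rejected. */
long hardened_payload_len(const uint8_t *ext, size_t ext_len)
{
    uint8_t *buf;
    size_t n;
    if (parse_payload_hardened(ext, ext_len, &buf, &n) != 0)
        return -1;
    free(buf);
    return (long)n;
}

/* Constructed sample inputs (not captured traffic). */
const uint8_t SAMPLE_GOOD[] = {
    0x00, 0x00, 0x01, 0x00, 0x01, 0x05,          /* type, kdf_id, aead_id, config_id */
    0x00, 0x02, 0xAA, 0xBB,                      /* enc: length 2 */
    0x00, 0x03, 0x01, 0x02, 0x03                 /* payload: length 3 */
};
/* Claims 255 bytes of enc, but the extension ends right after the prefix. */
const uint8_t SAMPLE_SHORT[] = {
    0x00, 0x00, 0x01, 0x00, 0x01, 0x05,
    0x00, 0xFF
};

int main(void)
{
    printf("good:  vulnerable=%zu hardened=%ld\n",
           payload_len_vulnerable(SAMPLE_GOOD, sizeof SAMPLE_GOOD),
           hardened_payload_len(SAMPLE_GOOD, sizeof SAMPLE_GOOD));
    printf("short: vulnerable=%zu (wrapped) hardened=%ld\n",
           payload_len_vulnerable(SAMPLE_SHORT, sizeof SAMPLE_SHORT),
           hardened_payload_len(SAMPLE_SHORT, sizeof SAMPLE_SHORT));
    return 0;
}
```

On the well-formed sample both routines agree on a 3-byte payload; on the truncated sample the vulnerable subtraction yields SIZE_MAX - 256 (far larger than the 8-byte input), which is exactly the kind of length that sizes a too-small or impossibly-large heap allocation and then drives an out-of-bounds memcpy, while the hardened parser rejects the input before any arithmetic can wrap.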

References (1)

Core 1

Scores

CVSS v3 9.8
EPSS 0.0049
EPSS Percentile 37.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-122 (Heap-based Buffer Overflow)
Status published
Products (2)
wolfSSL/wolfSSL < 5.9.0
wolfssl/wolfssl < 5.9.0
Published Mar 19, 2026
Tracked Since Mar 20, 2026