Description
Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client program crash. This could be exploited by a malicious TLS server supporting ECH. Note that ECH is off by default, and is only enabled with enable-ech.
References (1)
Core 1
Core References
Scores
CVSS v3
9.8
EPSS
0.0044
EPSS Percentile
35.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-787
Status
published
Products (2)
wolfssl/wolfssl
5.6.0 - 5.9.0
wolfSSL Inc./wolfSSL
v5.6.0-stable - v5.8.4-stable
Published
Mar 19, 2026
Tracked Since
Mar 20, 2026