CVE-2026-5188 — HIGH (8.1) — White Hats Nepal

Q: How severe is CVE-2026-5188?

CVE-2026-5188 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-5188?

Check the references section above for vendor advisories and patch information. Affected products include: Wolfssl Wolfssl.

Vulnerability Description

An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name (SAN) extension of X.509 certificates. A malformed certificate can specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This results in incorrect handling of certificate data. The issue is limited to configurations using the original ASN.1 parsing implementation which is off by default.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Wolfssl	Wolfssl	< 5.9.1

Related Weaknesses (CWE)

CWE-191

References

https://github.com/wolfSSL/wolfssl/pull/10024Issue TrackingPatch

FAQ

What is CVE-2026-5188?

CVE-2026-5188 is a vulnerability with a CVSS score of 8.1 (HIGH). An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name (SAN) extension of X.509 certificates. A malformed certificate can specify an entry length larger than the enclos...

How severe is CVE-2026-5188?

CVE-2026-5188 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-5188?

Check the references section above for vendor advisories and patch information. Affected products include: Wolfssl Wolfssl.