Vulnerability - CVE-2026-5264

›

›vulnerability›CVE-2026-5264

Name

CVE-2026-5264

Source

NVD ( link)Debian ( link)

Description

Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow.

CWEs

Published Date

Apr 9, 2026

Updated Date

Jun 17, 2026

Workaround

-

Advisories

https://github.com/wolfssl/wolfssl/pull/10076Issue Tracking

Analysis#

Affected Component

Analysis

Vulnerability Ratings#

8.3

CVSSv4

9.8

CVSSv31

NaN

other

Others affected components#

Name

Project

Project Version

Version

Status

buildroot

2025.02.x

5.9.1

Not Affected

buildroot

master

5.9.1

Not Affected

openwrt

master

5.9.1-r1

Not Affected

openwrt

openwrt-25.12

5.9.1-r1

Not Affected

yocto

master

5.9.1

Not Affected

yocto

scarthgap

5.7.2

Exploitable