CVE-2026-4395
Published: 19 March 2026
Summary
CVE-2026-4395 is a critical-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Wolfssl Wolfssl. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 33.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly requires identifying, reporting, testing, and deploying patches to remediate the heap-based buffer overflow in wolfSSL's KCAPI ECC code path as addressed by the provided GitHub pull request.
Implements runtime memory protections like address space layout randomization, stack canaries, and non-executable heap memory to prevent exploitation of the heap buffer overflow via attacker-controlled data writes.
Mandates validation of untrusted inputs such as oversized EC public key points in TLS ServerKeyExchange messages to prevent them from exceeding the 132-byte pubkey_raw buffer bounds.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote, unauthenticated heap buffer overflow exploitable via crafted TLS ServerKeyExchange message in wolfSSL library, enabling exploitation of public-facing TLS applications or services.
NVD Description
Heap-based buffer overflow in the KCAPI ECC code path of wc_ecc_import_x963_ex() in wolfSSL wolfcrypt allows a remote attacker to write attacker-controlled data past the bounds of the pubkey_raw buffer via a crafted oversized EC public key point. The WOLFSSL_KCAPI_ECC code…
more
path copies the input to key->pubkey_raw (132 bytes) using XMEMCPY without a bounds check, unlike the ATECC code path which includes a length validation. This can be triggered during TLS key exchange when a malicious peer sends a crafted ECPoint in ServerKeyExchange.
Deeper analysisAI
CVE-2026-4395 is a heap-based buffer overflow vulnerability in the KCAPI ECC code path of the wc_ecc_import_x963_ex() function within the wolfcrypt component of the wolfSSL library. The flaw occurs because the WOLFSSL_KCAPI_ECC code path copies input data to the key->pubkey_raw buffer, which is sized for 132 bytes, using XMEMCPY without bounds checking. In contrast, the ATECC code path includes length validation. This issue affects wolfSSL deployments that utilize the KCAPI ECC path.
A remote attacker can exploit the vulnerability by acting as a malicious TLS peer and sending a crafted oversized EC public key point, specifically via an ECPoint in the ServerKeyExchange message during TLS key exchange. Exploitation enables writing attacker-controlled data past the bounds of the pubkey_raw buffer. The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-122 (Heap-based Buffer Overflow).
The wolfSSL GitHub pull request at https://github.com/wolfSSL/wolfssl/pull/9988 addresses the issue, providing a patch for mitigation. Security practitioners should apply this update to wolfSSL installations using the affected KCAPI ECC code path.
Details
- CWE(s)