Cyber Resilience

CVE-2026-6679

Severity: High

Published: 25 June 2026

Modified: 27 June 2026
KEV Added: not listed
Patch: fixed in wolfSSL 5.9.1 (see Vulnerability details)
CVSS v4 score: 8.8 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS score: 0.0039 (30.4th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-6679 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability in the wolfSSL library (vendor: wolfSSL). Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 30.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

Vulnerability details

A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due to an integer truncation when computing the length of the ACK record-number list, causing an undersized buffer to be allocated and then overrun. This affects builds using DTLS 1.3 and wolfSSL version 5.9.0 and earlier. A fix was added to the 5.9.1 release.

CWE(s)

CWE-190 Integer Overflow or Wraparound
CWE-787 Out-of-bounds Write

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-mapped)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

A remote heap buffer overflow reachable in the unauthenticated DTLS 1.3 path directly enables exploitation of a public-facing network service.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2020-36177 (same product: wolfSSL)
CVE-2022-39173 (same product: wolfSSL)
CVE-2021-45939 (same vendor: wolfSSL)
CVE-2021-45936 (same vendor: wolfSSL)
CVE-2021-45934 (same vendor: wolfSSL)
CVE-2021-45938 (same vendor: wolfSSL)
CVE-2021-45937 (same vendor: wolfSSL)
CVE-2021-45933 (same vendor: wolfSSL)
CVE-2021-45932 (same vendor: wolfSSL)
CVE-2020-11167 (shared weaknesses: CWE-190, CWE-787)

Affected Assets

wolfSSL wolfssl, versions 5.4.0 — 5.9.1

Mitigating Controls

Likely Mitigating Controls (AI-mapped)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-787: out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by memory protections that mark writable memory as non-executable.