{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3849", "assignerOrgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27", "state": "PUBLISHED", "assignerShortName": "wolfSSL", "dateReserved": "2026-03-09T19:50:50.081Z", "datePublished": "2026-03-19T20:29:30.839Z", "dateUpdated": "2026-03-25T14:21:17.389Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27", "shortName": "wolfSSL", "dateUpdated": "2026-03-19T20:29:30.839Z"}, "title": "Buffer Overflow in HPKE via Oversized ECH Config", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write", "type": "CWE"}]}], "affected": [{"vendor": "wolfSSL Inc.", "product": "wolfSSL", "versions": [{"status": "affected", "version": "v5.6.0-stable", "lessThanOrEqual": "v5.8.4-stable", "versionType": "git"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client program crash. This could be exploited by a malicious TLS server supporting ECH. Note that ECH is off by default, and is only enabled with enable-ech.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<div>Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client program crash. This could be exploited by a malicious TLS server supporting ECH. Note that ECH is off by default, and is only enabled with enable-ech.</div><div><br></div>"}]}], "references": [{"url": "https://github.com/wolfSSL/wolfssl/pull/9737"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "DIFFUSE", "vulnerabilityResponseEffort": "MODERATE", "providerUrgency": "AMBER", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/V:D/RE:M/U:Amber"}}], "credits": [{"lang": "en", "value": "Haruto Kimura (Stella)", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-25T14:21:05.452094Z", "id": "CVE-2026-3849", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T14:21:17.389Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3849", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-25T14:21:05.452094Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T14:21:10.835Z"}}], "cna": {"title": "Buffer Overflow in HPKE via Oversized ECH Config", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Haruto Kimura (Stella)"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/V:D/RE:M/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "wolfSSL Inc.", "product": "wolfSSL", "versions": [{"status": "affected", "version": "v5.6.0-stable", "versionType": "git", "lessThanOrEqual": "v5.8.4-stable"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/wolfSSL/wolfssl/pull/9737"}], "x_generator": {"engine": "Vulnogram 1.0.0"}, "descriptions": [{"lang": "en", "value": "Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client program crash. This could be exploited by a malicious TLS server supporting ECH. Note that ECH is off by default, and is only enabled with enable-ech.", "supportingMedia": [{"type": "text/html", "value": "<div>Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client program crash. This could be exploited by a malicious TLS server supporting ECH. Note that ECH is off by default, and is only enabled with enable-ech.</div><div><br></div>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27", "shortName": "wolfSSL", "dateUpdated": "2026-03-19T20:29:30.839Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3849", "state": "PUBLISHED", "dateUpdated": "2026-03-25T14:21:17.389Z", "dateReserved": "2026-03-09T19:50:50.081Z", "assignerOrgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27", "datePublished": "2026-03-19T20:29:30.839Z", "assignerShortName": "wolfSSL"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D7DB269-3D15-4DD9-B47E-2A94CC36BE3E", "versionEndExcluding": "5.9.0", "versionStartIncluding": "5.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client program crash. This could be exploited by a malicious TLS server supporting ECH. Note that ECH is off by default, and is only enabled with enable-ech."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer de pila en wc_HpkeLabeledExtract a trav\u00e9s de una configuraci\u00f3n ECH sobredimensionada. Exist\u00eda una vulnerabilidad en el soporte ECH (Encrypted Client Hello) de wolfSSL 5.8.4, donde una configuraci\u00f3n ECH creada maliciosamente podr\u00eda causar un desbordamiento de b\u00fafer de pila en el lado del cliente, lo que podr\u00eda llevar a una ejecuci\u00f3n remota potencial y a un fallo del programa del cliente. Esto podr\u00eda ser explotado por un servidor TLS malicioso que soporte ECH. Tenga en cuenta que ECH est\u00e1 desactivado por defecto y solo se habilita con enable-ech."}], "id": "CVE-2026-3849", "lastModified": "2026-03-26T18:20:36.580", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "MODERATE"}, "source": "facts@wolfssl.com", "type": "Secondary"}]}, "published": "2026-03-19T21:17:13.407", "references": [{"source": "facts@wolfssl.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/wolfSSL/wolfssl/pull/9737"}], "sourceIdentifier": "facts@wolfssl.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "facts@wolfssl.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[v5.6.0-stable,v5.8.4-stable]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "wolfSSL", "source": "cna", "vendor": "wolfSSL Inc."}, "product": "wolfssl", "vendor": "wolfssl"}], "analysis": {"en": {"generated_at": "2026-04-15T08:36:44.882644+00:00", "value": {"mitigation_remediation": ["Upgrade wolfSSL to a release that includes the HPKE ECH patch (a version newer than 5.8.4).", "If upgrading is not immediately possible, disable ECH by removing the enable\u2011ech option from the client configuration.", "Restrict the client to communicate only with trusted TLS servers by validating certificates or applying certificate pinning, thereby reducing the opportunity for a malicious server to deliver an oversized ECH packet."], "summary": {"action": "Patch Upgrade", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The affected package is wolfSSL Inc.'s wolfSSL library version 5.8.4, which implements ECH support. Any client that uses this library with the enable\u2011ech option set is vulnerable. Versions older than 5.8.4 or those patched after 5.8.4 are not affected.", "description_and_impact": "A stack buffer overflow occurs in the wc_HpkeLabeledExtract function of wolfSSL when it processes an oversized Encrypted Client Hello (ECH) configuration packet supplied by a TLS server. The flaw allows the attacker to execute arbitrary code or crash the client application, compromising confidentiality, integrity, and availability on the affected device. The vulnerability is triggered only if ECH is enabled, and the overflow happens on the client side during the extraction of HPKE parameters.", "risk_and_exploitability": "The CVSS score of 6.9 indicates medium severity, while the EPSS score of less than 1\u202f% suggests a low probability of active exploitation. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires a malicious TLS server capable of sending an oversized ECH configuration; if the server is under the attacker\u2019s control or the client accepts connections from untrusted parties, remote code execution or a client crash can result."}}}}, "created": "2026-03-20T08:56:15.517307+00:00", "updated": "2026-04-15T16:45:09.837649+00:00", "vendors": ["wolfssl", "wolfssl$PRODUCT$wolfssl"]}