| 11 | 5.3 | MEDIUM | Network | wolfssl | wolfssl | Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS n… | New | CWE-295 Improper Certificate Validation | CVE-2026-10592 | 2026-06-27 03:55 | 2026-06-26 |
| 12 | 7.5 | HIGH | Network | wolfssl | wolfssl | X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only builds with --enable-opensslextra (OPENSSL_EXTRA) and whose application vali… | New | CWE-295 Improper Certificate Validation | CVE-2026-11310 | 2026-06-27 03:54 | 2026-06-26 |
| 13 | 7.5 | HIGH | Network | microsoft | cost_management | Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network. | New | CWE-200 Information Exposure | CVE-2026-47633 | 2026-06-27 03:54 | 2026-06-19 |
| 14 | 7.5 | HIGH | Network | wolfssl | wolfssl | Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of … | New | CWE-125 Out-of-bounds Read | CVE-2026-12340 | 2026-06-27 03:54 | 2026-06-26 |
| 15 | 7.5 | HIGH | Network | wolfssl | wolfssl | Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsip_StoreMessage() the capacity check guarding the fixed message bag (MSGBAG_SIZE) sets an error code but fails to return, so ex… | New | CWE-393 Return of Wrong Status Code; CWE-787 Out-of-bounds Write | CVE-2026-55958 | 2026-06-27 03:54 | 2026-06-26 |
| 16 | 7.5 | HIGH | Network | wolfssl | wolfssl | Un-negotiated Raw Public Key (RFC 7250) accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative() accepts it without performing any … | New | CWE-295 Improper Certificate Validation | CVE-2026-55960 | 2026-06-27 03:54 | 2026-06-26 |
| 17 | 5.3 | MEDIUM | Network | wolfssl | wolfssl | Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-s… | New | CWE-295 Improper Certificate Validation | CVE-2026-55964 | 2026-06-27 03:53 | 2026-06-26 |
| 18 | 5.5 | MEDIUM | Local | jqlang | jq | jq is a command-line JSON processor. Prior to 1.8.2, on 32-bit systems, jvp_string_append has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is … | New | CWE-190 Integer Overflow or Wraparound | CVE-2026-54679 | 2026-06-27 03:53 | 2026-06-26 |
| 19 | 7.1 | HIGH | Local | jqlang | jq | jq is a command-line JSON processor. Prior to 1.8.2, `jq --rawfile` can turn a handled oversized-string error into invalid-state reuse and a real heap out-of-bounds write in assertion-disabled builds… | New | CWE-787 Out-of-bounds Write | CVE-2026-49839 | 2026-06-27 03:53 | 2026-06-26 |
| 20 | 5.5 | MEDIUM | Local | jqlang | jq | jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in deni… | New | CWE-674 Uncontrolled Recursion | CVE-2026-47770 | 2026-06-27 03:53 | 2026-06-26 |