CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-6679

highCVSS 7.5covered by 1 sourcefirst seen 2026-06-25
A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due to an integer truncation when computing the length of the ACK record-number list, causing an undersized buffer to be allocated and then overrun. This affects builds using DTLS 1.3 and wolfSSL version 5.9.0 and earlier. A fix was added to the 5.9.1 release.

⚡ Watch CVE-2026-6679

Get an email if CVE-2026-6679 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-6679

CVE.org record

Embed the live status

CVE-2026-6679 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-6679 status](https://www.csirts.com/badge/CVE-2026-6679)](https://www.csirts.com/cve/CVE-2026-6679)