CVE-2026-55967

Description

AES-GCM encryption/decryption with extremely large cumulative single message sizes (>64 GiB) were not properly rejected by the streaming APIs, allowing counter wrap, keystream reuse, and consequent plaintext recovery.

CVSS breakdown

CVSS 4.0

Attack Vector

Local

Attack Complexity

High

Attack Requirements

Present

Privileges Required

Low

User Interaction

None

Confidentiality (Vulnerable System)

Low

Integrity (Vulnerable System)

None

Availability (Vulnerable System)

None

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Affected products

wolfSSL / wolfSSL4.8.0 – 5.9.1

References

PATCHhttps://github.com/wolfSSL/wolfssl/pull/10709
MISChttps://www.wolfssl.com/docs/security-vulnerabilities/