Description
Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which would leak the adjacent stack memory to the pseudo-console output.
Published: 2026-04-20
Score: 2.3 Low
EPSS: n/a
KEV: No
Impact: Information Disclosure
Action: Patch
AI Analysis

Impact

An out-of-bounds read in wolfSSHd on Windows occurs when the server processes a terminal resize request. An authenticated user can trigger the read, causing the content of adjacent stack memory to be written into the pseudo-console output. This can expose sensitive data held on the stack and compromise confidentiality. The weakness is a classic buffer over-read (CWE-126).

Affected Systems

This issue affects the wolfSSL wolfSSH product on Windows platforms. No specific affected versions are listed in the advisory, so the recommendation is to apply the most recent patch that addresses the resize handling bug.

Risk and Exploitability

The vulnerability carries a low CVSS v4.0 score of 2.3, has no EPSS data available, and is not listed in the CISA KEV catalog. Exploitation requires an authenticated SSH session; once connected, a user can send a terminal resize request to trigger the read. Because the flaw is an over-read rather than a write, the practical risk is limited to confidentiality leakage (adjacent stack memory echoed to the pseudo-console output) rather than memory corruption or remote code execution.

Generated by OpenCVE AI on April 20, 2026 at 23:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade wolfSSH to the latest release that includes the fix for the resize-handling buffer over-read.
  • If the upgrade cannot be applied immediately, disable the terminal resize capability or the pseudo-console feature on Windows.
  • Monitor SSH session logs and terminal output for anomalous data that could indicate leaked stack contents, and restrict interactive shell access to trusted users.


Tracking


Advisories

No advisories yet.

History

Mon, 20 Apr 2026 21:45:00 +0000

Type: Description
Values Removed: (none)
Values Added: Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which would leak the adjacent stack memory to the pseudo-console output.

Type: Title
Values Removed: (none)
Values Added: Potential wolfSSHd Buffer out-of-bounds Read on Windows Handling Terminal Resize

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-126

Type: References
Values Removed: (none)
Values Added: (none)

Type: Metrics
Values Removed: (none)
Values Added: cvssV4_0 {'score': 2.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N'}



MITRE

Status: PUBLISHED

Assigner: wolfSSL

Published:

Updated: 2026-04-20T21:28:33.227Z

Reserved: 2026-01-13T23:45:50.452Z

Link: CVE-2026-0930

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-04-20T22:16:23.210

Modified: 2026-04-20T22:16:23.210

Link: CVE-2026-0930

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-21T00:00:13Z

Weaknesses