{
  "threat_severity" : "Moderate",
  "public_date" : "2026-04-09T20:13:34Z",
  "bugzilla" : {
    "description" : "wolfSSL: wolfSSL: Heap buffer overflow via AuthorityKeyIdentifier size confusion",
    "id" : "2457074",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2457074"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.3",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
    "status" : "draft"
  },
  "cwe" : "CWE-131",
  "details" : [ "A flaw was found in wolfSSL. A heap buffer overflow, a type of memory corruption vulnerability, occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension. A remote attacker could exploit this flaw to cause a low integrity impact." ],
  "statement" : "This vulnerability doesn't affect any versions of MariaDB as shipped with Red Hat Products. For Red Hat products MariaDB is compiled and linked against the system's OpenSSL library instead of using the MariaDB's bundled WolfSSL library routines.",
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-5447\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-5447\nhttps://github.com/wolfSSL/wolfssl/pull/10112" ],
  "name" : "CVE-2026-5447",
  "csaw" : false
}