CVE-2026-6325
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk7th percentile — higher than 7% of all known CVEs
Summary
The vulnerability allows an out-of-bounds write in the SetSuitesHashSigAlgo function when processing an oversized signature algorithms list, potentially leading to a buffer overflow.
Risk Assessment
An attacker could exploit this vulnerability to execute arbitrary code remotely or cause a system crash, posing a serious threat to data confidentiality, integrity, and availability.
Recommendation
Apply the patch provided by the vendor immediately and update the software to the latest version that fixes this vulnerability.
Original NVD description (English source)
Out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a write past the bounds of the destination buffer.

