ANT-2026-0JRYQPCF · wolfSSL

heap-buffer-overflow high

CVE-2026-5503

Severity Claude high · Security research firm high · Maintainer -

Discovered by Claude Mythos Preview

SECURITY RESEARCH FIRM ANALYSIS

Triage and disclosure were performed by Calif.

Verdict
true positive
Severity
high
TIMELINE

Dates from discovery through public reveal.

  1. 2026-03-29 Reported to tracker
  2. 2026-04-05 Sent to maintainer
  3. 2026-05-07 Patch released
  4. 2026-05-07 Maintainer acknowledged
  5. 2026-05-20 Publicly revealed
PROVENANCE

SHA-3-512 hash:

5175ece3afdba9cf93587112f7601b7e22caaf48410a2cb260e59f4b801eedbaf9de7f494493b446bd9e829ce6162cd0dcf3b285879b0f82342bc38b1e3b1ac8

Committed 2026-04-05 16:37 PT

Revealed 2026-05-20 00:40 PT

Verify (download preimage.json)

Show preimage JSON 
{
  "ant_id": "ANT-2026-0JRYQPCF",
  "bug_class": "heap-buffer-overflow",
  "claude_severity": "high",
  "commit_sha": null,
  "created_at": "2026-03-29T20:42:36+00:00",
  "description": null,
  "discovered_at": null,
  "location": null,
  "poc_sha256": null,
  "preimage_version": 1,
  "project": "wolfSSL",
  "reproduction": null,
  "technical_details": null,
  "title": "wolfssl ech heap buffer overflow via publicname sni pol",
  "vendor_severity": "high"
}