NextGuard
UNKNOWNCVE-2026-28815

A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a crash or memory disclosure depending on runtime p

Platform

swift

Component

swift-crypto

Fixed in

4.3.1

View on NVD

A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a crash or memory disclosure depending on runtime protections. This issue is fixed in swift-crypto version 4.3.1.

How to fix

Actualice la biblioteca swift-crypto a la versión 4.3.1 o superior. Esto corrige la vulnerabilidad de lectura fuera de límites que podría provocar una caída o divulgación de memoria.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free
CVE-2026-28815 — Vulnerability Details | NextGuard | NextGuard