Wolfssl
32 CVEs

| CVE ID | Severity | Product / summary | Published |
| --- | --- | --- | --- |
| CVE-2026-10097 | HIGH 8.3 | Wolfssl — wolfSSL's AVX2-optimized ML-KEM implementation (mlkem_cmp_avx2) compares only 1536 of the 1568 ciphertext byte… | 2026-06-25 |
| CVE-2026-10098 | MEDIUM 6.3 | Wolfssl — OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status allows a same-issuer SingleRespons… | 2026-06-25 |
| CVE-2026-10512 | LOW 2.3 | Wolfssl — The X25519 x86_64 assembly implementation fails to clear the most significant bit during the final modular red… | 2026-06-25 |
| CVE-2026-10592 | MEDIUM 6.3 | Wolfssl — Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate wit… | 2026-06-25 |
| CVE-2026-11310 | HIGH 8.7 | Wolfssl — X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This … | 2026-06-25 |
| CVE-2026-11703 | MEDIUM 6 | Wolfssl — Missing SNI/ALPN binding on stateful (session-ID) resumption, which previously skipped the binding check perfo… | 2026-06-25 |
| CVE-2026-11999 | HIGH 8.2 | Wolfssl — X.509 trust-chain bypass (path-depth exhaustion) in the OpenSSL compatibility certificate verifier (wolfSSL_X5… | 2026-06-25 |
| CVE-2026-12340 | MEDIUM 6.3 | Wolfssl — Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an … | 2026-06-25 |
| CVE-2026-55958 | HIGH 8.3 | Wolfssl — Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsip_StoreMessage() the capacity check g… | 2026-06-25 |
| CVE-2026-55960 | HIGH 8.2 | Wolfssl — Un-negotiated Raw Public Key (RFC 7250) accepted in place of an X.509 certificate, bypassing chain validation.… | 2026-06-25 |
| CVE-2026-55961 | HIGH 8.2 | Wolfssl — wolfSSL_PKCS7_verify() returning success for a degenerate (certs-only) PKCS#7 object that contains no signer. … | 2026-06-25 |
| CVE-2026-55962 | MEDIUM 6 | Wolfssl — TLS 1.3 post-handshake authentication (PHA) issue where a server could accept a client's Finished message with… | 2026-06-25 |
| CVE-2026-55964 | MEDIUM 6.3 | Wolfssl — Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are requ… | 2026-06-25 |
| CVE-2026-55967 | LOW 2 | Wolfssl — AES-GCM encryption/decryption with extremely large cumulative single message sizes (>64 GiB) were not properly… | 2026-06-25 |
| CVE-2026-6091 | MEDIUM 6 | Wolfssl — Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermed… | 2026-06-25 |
| CVE-2026-6092 | LOW 2.1 | Wolfssl — When HAVE_ENCRYPT_THEN_MAC is configured, the implementation could fall back to MAC-then-Encrypt rather than e… | 2026-06-25 |
| CVE-2026-6094 | MEDIUM 6.3 | Wolfssl — Heap buffer overread in wc_PKCS7_DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theo… | 2026-06-25 |
| CVE-2026-6291 | MEDIUM 6 | Wolfssl — Bleichenbacher padding oracle in PKCS#7 KTRI decryption. When decrypting PKCS#7 EnvelopedData using RSA PKCS#1… | 2026-06-25 |
| CVE-2026-6325 | LOW 2 | Wolfssl — Out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a… | 2026-06-25 |
| CVE-2026-6329 | MEDIUM 6 | Wolfssl — PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the M… | 2026-06-25 |
| CVE-2026-6330 | MEDIUM 6.3 | Wolfssl — The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto tra… | 2026-06-25 |
| CVE-2026-6331 | LOW 2.1 | Wolfssl — HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid duri… | 2026-06-25 |
| CVE-2026-6412 | LOW 2.3 | Wolfssl — Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certifi… | 2026-06-25 |
| CVE-2026-6450 | LOW 1 | Wolfssl — A CRL critical extension bypass exists in ParseCRL_Extensions where critical extensions are not properly enfor… | 2026-06-25 |
| CVE-2026-6678 | LOW 1 | Wolfssl — Integer underflow in wc_PKCS7_DecryptOri when handling crafted Other Recipient Info, leading to incorrect leng… | 2026-06-25 |
| CVE-2026-6679 | HIGH 8.8 | Wolfssl — A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authen… | 2026-06-25 |
| CVE-2026-6681 | LOW 1 | Wolfssl — The PKCS#7 decode path ignores the caller-supplied output buffer size (outputSz), allowing decoded content to … | 2026-06-25 |
| CVE-2026-6731 | MEDIUM 6 | Wolfssl — X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose … | 2026-06-25 |
| CVE-2026-7511 | MEDIUM 5.9 | Wolfssl — PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not co… | 2026-06-25 |
| CVE-2026-7531 | LOW 2.3 | Wolfssl — Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 (release… | 2026-06-25 |
| CVE-2026-7532 | MEDIUM 5.7 | Wolfssl — iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME is not defined. IP address name constraints are not… | 2026-06-25 |
| CVE-2026-8720 | MEDIUM 5.9 | Wolfssl — wc_Blake2bHmacFinal and wc_Blake2sHmacFinal discard the message when the key length exceeds the block size, pr… | 2026-06-25 |