wolfssl

Top products

The 15 most recently published vulnerabilities affecting wolfssl.

• CVE-2026-0930Potential wolfSSHd Buffer out-of-bounds Read on Windows Handling Terminal Resize4.3Apr 20, 2026
• CVE-2026-5477Prefix-substitution forgery via integer overflow in wolfCrypt CMAC7.5Apr 10, 2026
• CVE-2026-5188Integer underflow in X.509 SAN parsing in wolfSSL8.1Apr 10, 2026
• CVE-2026-5500Improper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication Bypass5.9Apr 10, 2026
• CVE-2026-5501Improper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf Certificates8.1Apr 10, 2026
• CVE-2026-5466wc_VerifyEccsiHash missing sanity check8.1Apr 10, 2026
• CVE-2026-5479wolfSSL EVP ChaCha20-Poly1305 AEAD authentication tag8.1Apr 10, 2026
• CVE-2026-5460Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.36.5Apr 9, 2026
• CVE-2026-54481-2 Byte Buffer Overflow in wolfSSL_X509_notAfter/notBefore4.3Apr 9, 2026
• CVE-2026-5392wolfSSL heap OOB read in PKCS7 SignedData streaming5.4Apr 9, 2026
• CVE-2026-5393OOB Read in DoTls13CertificateVerify with WOLFSSL_DUAL_ALG_CERTS9.1Apr 9, 2026
• CVE-2026-5295Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID8.0Apr 9, 2026
• CVE-2026-5503out-of-bounds write in TLSX_EchChangeSNI via attacker-controlled publicName9.1Apr 9, 2026
• CVE-2026-5504PKCS7 CBC Padding Oracle — Plaintext Recovery5.3Apr 9, 2026
• CVE-2026-5507Session Cache Restore — Arbitrary Free via Deserialized Pointer4.0Apr 9, 2026