CVE-2026-55964— Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA (temporary CA exemption)
Possible ATT&CK Techniques 1AI
T1557 · Adversary-in-the-MiddleGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-55964
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA (temporary CA exemption)
Source: NVD (National Vulnerability Database)
Vulnerability Description
Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs (WOLFSSL_TEMP_CA) added while building a certificate path were previously exempted from this check, so an intermediate asserting CA:TRUE but lacking keyCertSign was accepted as a signing CA. The check now applies to chain-supplied temporary CAs as well; only operator-loaded root certificates (WOLFSSL_USER_CA) and self-signed roots remain exempt. Per RFC 5280 an absent Key Usage extension implies all usages, so the requirement is enforced only when the extension is actually present (extKeyUsageSet). Affects the OpenSSL-compatibility certificate-path-building path (X509_verify_cert / X509_STORE, OPENSSL_EXTRA/OPENSSL_ALL), where untrusted chain intermediates are added as temporary CAs; native (non-OpenSSL-compat) certificate verification does not create temporary CAs and is unaffected. Within those builds, the check applies unless ALLOW_INVALID_CERTSIGN is defined.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
证书验证不恰当
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-55964
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-55964
请登录查看更多情报信息。
Vendor Pages for CVE-2026-55964 (1)
Other References for CVE-2026-55964 (1)
Same Patch Batch · wolfSSL · 2026-06-25 · 32 CVEs total
| CVE-2026-6679 | DTLS 1.3 ACK serialization heap buffer overflow via integer truncation | |
| CVE-2026-55958 | Renesas TSIP TLS 1.3 transcript buffer out-of-bounds write in tsip_StoreMessage | |
| CVE-2026-55960 | Un-negotiated Raw Public Key (RFC 7250) accepted in place of X.509, bypassing chain valida | |
| CVE-2026-55967 | AES-GCM streaming APIs do not reject >64 GiB cumulative single messages, enabling counter | |
| CVE-2026-55961 | wolfSSL_PKCS7_verify() reports success for degenerate (certs-only) PKCS#7 with no signer | |
| CVE-2026-55962 | TLS 1.3 post-handshake authentication: server accepts Finished without client Certificate/ | |
| CVE-2026-8720 | HMAC-BLAKE2 final discards message when key length exceeds block size | |
| CVE-2026-12340 | Out-of-bounds heap read in SM2/SM3 certificate Subject Key Identifier computation | |
| CVE-2026-10512 | X25519 x86_64 assembly final reduction leaves non-canonical field element | |
| CVE-2026-10097 | ML-KEM-1024 x64 AVX2 incomplete cipher text comparison enables IND-CCA2 break and static p | |
| CVE-2026-10098 | OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status | |
| CVE-2026-10592 | Wildcard DNS SAN bypasses CA name-constraint checks | |
| CVE-2026-11310 | X.509 trust-chain bypass in wolfSSL_X509_verify_cert() via untrusted intermediate anchorin | |
| CVE-2026-11703 | Missing SNI/ALPN binding on stateful (session-ID) TLS session resumption | |
| CVE-2026-11999 | X.509 trust-chain bypass via path-depth exhaustion in wolfSSL_X509_verify_cert() | |
| CVE-2026-6329 | PKCS#12 MAC verification uses attacker-controlled comparison length | |
| CVE-2026-7532 | iPAddress name constraints not enforced when WOLFSSL_IP_ALT_NAME is undefined | |
| CVE-2026-6094 | Heap buffer overread in wc_PKCS7_DecodeEnvelopedData parsing crafted PKCS7 EnvelopedData | |
| CVE-2026-6731 | X.509 name constraint bypass via Subject CN treated as a DNS name | |
| CVE-2026-6325 | Out-of-bounds write in SetSuitesHashSigAlgo on oversized signature algorithms list |
Showing top 20 of 32 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: wolfSSL
- CVE-2026-7511
PKCS7_verify signer confusion allows forged signatures to be - CVE-2026-7532
iPAddress name constraints not enforced when WOLFSSL_IP_ALT_ - CVE-2026-8720
HMAC-BLAKE2 final discards message when key length exceeds b - CVE-2026-10098
OCSP CertID serial-number length-confusion in wolfSSL_OCSP_r - CVE-2026-11703
Missing SNI/ALPN binding on stateful (session-ID) TLS sessio
Same vendor: wolfSSL
- CVE-2026-7511
PKCS7_verify signer confusion allows forged signatures to be - CVE-2026-7532
iPAddress name constraints not enforced when WOLFSSL_IP_ALT_ - CVE-2026-8720
HMAC-BLAKE2 final discards message when key length exceeds b - CVE-2026-10098
OCSP CertID serial-number length-confusion in wolfSSL_OCSP_r - CVE-2026-11703
Missing SNI/ALPN binding on stateful (session-ID) TLS sessio
Same weakness: CWE-295
- CVE-2026-7532
iPAddress name constraints not enforced when WOLFSSL_IP_ALT_ - CVE-2026-10098
OCSP CertID serial-number length-confusion in wolfSSL_OCSP_r - CVE-2026-6450
CRL critical extension bypass in ParseCRL_Extensions - CVE-2026-6731
X.509 name constraint bypass via Subject CN treated as a DNS - CVE-2026-10592
Wildcard DNS SAN bypasses CA name-constraint checks
V. Comments for CVE-2026-55964
No comments yet