Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

wolfSSL — Vulnerabilities & Security Advisories 61

All 61 CVE vulnerabilities found in wolfSSL, with AI-generated Chinese analysis, references, and POCs.

This page aggregates known weaknesses and vulnerability disclosures associated with the wolfSSL cryptographic library product maintained by wolfSSL Inc. It serves as a centralized resource for tracking security issues specific to this embedded SSL/TLS implementation, covering common weakness enumerations (CWE) relevant to its codebase and deployment configurations. The content compiles publicly available security advisories, bug reports, and vulnerability details released by the vendor and third-party researchers over the past several years. This historical timeline includes updates from major releases such as the 4.x, 5.x, and 6.x series, ensuring coverage of both legacy and current support streams. Visitors can use this aggregation to monitor the security posture of wolfSSL by reviewing how specific vulnerability classes have been addressed over time. Users may also investigate individual component weaknesses to understand the root causes and mitigation strategies applied by the development team. The data facilitates deeper analysis of recurring patterns, such as buffer overflows or memory management errors, within the library’s core functions. By centralizing these records, the page supports security analysts, developers, and auditors in assessing risk, verifying patch status, and conducting compliance reviews. It does not provide real-time threat intelligence or private exploit details but focuses on documented, resolved, or acknowledged security flaws. This structured overview aids in evaluating the long-term maintenance practices and responsiveness of the wolfSSL project to emerging threats in the cryptographic ecosystem.

Vendor: wolfSSL

CVE IDTitleCVSSSeverityPublished
CVE-2026-3579 Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I CWE-203 7.5 -2026-03-19
CVE-2026-3548 Buffer overflow in CRL number parsing in wolfSSL CWE-787 8.8 -2026-03-19
CVE-2026-2646 Heap buffer overflow in session parsing with wolfSSL_d2i_SSL_SESSION() function CWE-122 8.1 -2026-03-19
CVE-2026-2645 Acceptance of CertificateVerify Message before ClientKeyExchange in TLS 1.2 CWE-358 7.5 -2026-03-19
CVE-2026-1005 Integer underflow leads to out-of-bounds access in sniffer AES-GCM/CCM/ARIA-GCM decrypt path CWE-191 7.5 -2026-03-19
CVE-2026-0819 Stack buffer overflow in PKCS7 SignedData encoding with custom signed attributes CWE-121 9.8 -2026-03-19
CVE-2025-13912 Potential non-constant time compiled code with Clang LLVM CWE-203 2.9AILowAI2025-12-11
CVE-2025-12889 TLS 1.2 Client Can Downgrade Digest Used CWE-20 7.5 -2025-11-21
CVE-2025-11932 Timing Side-Channel in PSK Binder Verification CWE-203 5.9 -2025-11-21
CVE-2025-11931 Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt CWE-191 9.8 -2025-11-21
CVE-2025-12888 Constant Time Issue with Xtensa-based ESP32 and X22519 CWE-203 5.9 -2025-11-21
CVE-2025-11936 Potential DoS Vulnerability through Multiple KeyShareEntry with Same Group in TLS 1.3 ClientHello CWE-20 7.5 -2025-11-21
CVE-2025-11933 DoS Vulnerability in wolfSSL TLS 1.3 CKS Extension CWE-20 7.5 -2025-11-21
CVE-2025-11934 Improper Validation of Signature Algorithm Used in TLS 1.3 CertificateVerify CWE-20 5.3 -2025-11-21
CVE-2025-11935 Forward Secrecy Violation in WolfSSL TLS 1.3 CWE-326 8.1 -2025-11-21
CVE-2025-7396 Curve25519 Blinding 6.8 -2025-07-18
CVE-2025-7394 OpenSSL 安全漏洞 CWE-200 5.3 -2025-07-18
CVE-2025-7395 Domain Name Validation Bypass with Apple Native Certificate Validation CWE-295 7.5 -2025-07-18
CVE-2024-1543 AES T-Table sub-cache-line leakage CWE-208 4.1 Medium2024-08-29
CVE-2024-1544 ECDSA nonce bias caused by truncation CWE-203 4.1 Medium2024-08-27
CVE-2024-5814 Unverifed Ciphersuite used on a client-side TLS1.3 Downgrade 7.5AIHighAI2024-08-27
CVE-2024-5288 Safe-error attack on TLS 1.3 Protocol CWE-922 5.1 Medium2024-08-27
CVE-2024-5991 Buffer overread in domain name matching CWE-125 9.1AICriticalAI2024-08-27
CVE-2024-0901 SEGV and out of bounds memory read from malicious packet CWE-129 7.5 High2024-03-25
CVE-2023-6936 Heap-buffer over-read with WOLFSSL_CALLBACKS 5.3 Medium2024-02-20
CVE-2023-6937 Improper (D)TLS key boundary enforcement CWE-20 5.3 Medium2024-02-15
CVE-2023-6935 Marvin Attack vulnerability in SP Math All RSA CWE-203 5.9 Medium2024-02-09
CVE-2023-3724 TLS 1.3 client issue handling malicious server when not including a KSE and PSK extension CWE-20 9.1 Critical2023-07-17
CVE-2018-16870 wolfSSL 加密问题漏洞 CWE-200 5.9 -2019-01-03
CVE-2017-13099 wolfSSL Bleichenbacher/ROBOT CWE-203 5.9 -2017-12-13

All 61 known CVE vulnerabilities affecting wolfSSL with full Chinese analysis, references, and POCs where available.