
wolfssl — Vulnerabilities & Security Advisories 61

All 61 CVE vulnerabilities found in wolfssl, with AI-generated Chinese analysis, references, and POCs.

Vendor: wolfSSL

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-5477 | Prefix-substitution forgery via integer overflow in wolfCrypt CMAC | CWE-190 | 7.5 | - | 2026-04-10 |
| CVE-2026-5188 | Integer underflow in X.509 SAN parsing in wolfSSL | CWE-191 | 6.5 | - | 2026-04-10 |
| CVE-2026-5500 | Improper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication Bypass | CWE-20 | 3.7 | - | 2026-04-10 |
| CVE-2026-5501 | Improper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf Certificates | CWE-295 | 5.9 | - | 2026-04-10 |
| CVE-2026-5466 | wc_VerifyEccsiHash missing sanity check | CWE-347 | 9.1 | - | 2026-04-10 |
| CVE-2026-5479 | wolfSSL EVP ChaCha20-Poly1305 AEAD authentication tag | CWE-354 | 7.5 | - | 2026-04-10 |
| CVE-2026-5460 | Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.3 | CWE-416 | 9.1 | - | 2026-04-09 |
| CVE-2026-5448 | 1-2 Byte Buffer Overflow in wolfSSL_X509_notAfter/notBefore | CWE-122 | 8.1 | - | 2026-04-09 |
| CVE-2026-5392 | wolfSSL heap OOB read in PKCS7 SignedData streaming | CWE-125 | 9.1 | - | 2026-04-09 |
| CVE-2026-5393 | OOB Read in DoTls13CertificateVerify with WOLFSSL_DUAL_ALG_CERTS | CWE-125 | 9.1 | - | 2026-04-09 |
| CVE-2026-5295 | Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID | CWE-121 | 9.8 (AI) | Critical (AI) | 2026-04-09 |
| CVE-2026-5503 | out-of-bounds write in TLSX_EchChangeSNI via attacker-controlled publicName | CWE-787 | 9.1 (AI) | Critical (AI) | 2026-04-09 |
| CVE-2026-5504 | PKCS7 CBC Padding Oracle — Plaintext Recovery | CWE-354 | 7.5 (AI) | High (AI) | 2026-04-09 |
| CVE-2026-5507 | Session Cache Restore — Arbitrary Free via Deserialized Pointer | CWE-502 | 8.1 (AI) | High (AI) | 2026-04-09 |
| CVE-2026-5772 | MatchDomainName 1-Byte Stack Buffer Over-Read in Hostname Validation | CWE-126 | 7.5 (AI) | High (AI) | 2026-04-09 |
| CVE-2026-5778 | Integer underflow leads to out-of-bounds access in sniffer ChaCha decrypt path. | CWE-191 | 7.5 (AI) | High (AI) | 2026-04-09 |
| CVE-2026-5264 | DTLS 1.3 ACK heap buffer overflow | CWE-122 | 9.8 (AI) | Critical (AI) | 2026-04-09 |
| CVE-2026-5263 | URI nameConstraints not enforced in ConfirmNameConstraints() | CWE-295 | 7.5 (AI) | High (AI) | 2026-04-09 |
| CVE-2026-5446 | wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse | CWE-323 | 9.1 (AI) | Critical (AI) | 2026-04-09 |
| CVE-2026-5447 | Heap buffer overflow in CertFromX509() via AuthorityKeyIdentifier | CWE-122 | 9.8 (AI) | Critical (AI) | 2026-04-09 |
| CVE-2026-5187 | Heap Out-of-Bounds Write in DecodeObjectId() in wolfSSL | CWE-122 | 8.4 (AI) | High (AI) | 2026-04-09 |
| CVE-2026-5194 | wolfSSL ECDSA Certificate Verification | CWE-295 | 5.3 (AI) | Medium (AI) | 2026-04-09 |
| CVE-2026-4159 | wc_PKCS7_DecodeEnvelopedData 1 byte out-of-bounds read | CWE-125 | 9.1 | - | 2026-03-19 |
| CVE-2026-3229 | Integer Overflow in Certificate Chain Allocation | CWE-122 | 9.8 | - | 2026-03-19 |
| CVE-2026-3230 | Improper key_share validation in TLS 1.3 HelloRetryRequest | CWE-20 | 7.5 | - | 2026-03-19 |
| CVE-2026-4395 | Heap-based buffer overflow in wc_ecc_import_x963_ex KCAPI path | CWE-122 | 9.1 | - | 2026-03-19 |
| CVE-2026-3849 | Buffer Overflow in HPKE via Oversized ECH Config | CWE-787 | 9.8 | - | 2026-03-19 |
| CVE-2026-3547 | wolfSSL: out-of-bounds read (DoS) in ALPN parsing due to incomplete validation | CWE-125 | 7.5 | High | 2026-03-19 |
| CVE-2026-3549 | ECH parsing heap buffer overflow | CWE-122 | 9.1 | - | 2026-03-19 |
| CVE-2026-3580 | Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V | CWE-203 | 5.5 | - | 2026-03-19 |
