Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wolfssl — Vulnerabilities & Security Advisories 61

All 61 CVE vulnerabilities found in wolfssl, with AI-generated Chinese analysis, references, and POCs.

Vendor: wolfSSL

CVE IDTitleCVSSSeverityPublished
CVE-2026-3579 Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I CWE-203 7.5 -2026-03-19
CVE-2026-3548 Buffer overflow in CRL number parsing in wolfSSL CWE-787 8.8 -2026-03-19
CVE-2026-2646 Heap buffer overflow in session parsing with wolfSSL_d2i_SSL_SESSION() function CWE-122 8.1 -2026-03-19
CVE-2026-2645 Acceptance of CertificateVerify Message before ClientKeyExchange in TLS 1.2 CWE-358 7.5 -2026-03-19
CVE-2026-1005 Integer underflow leads to out-of-bounds access in sniffer AES-GCM/CCM/ARIA-GCM decrypt path CWE-191 7.5 -2026-03-19
CVE-2026-0819 Stack buffer overflow in PKCS7 SignedData encoding with custom signed attributes CWE-121 9.8 -2026-03-19
CVE-2025-13912 Potential non-constant time compiled code with Clang LLVM CWE-203 2.9AILowAI2025-12-11
CVE-2025-12889 TLS 1.2 Client Can Downgrade Digest Used CWE-20 7.5 -2025-11-21
CVE-2025-11932 Timing Side-Channel in PSK Binder Verification CWE-203 5.9 -2025-11-21
CVE-2025-11931 Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt CWE-191 9.8 -2025-11-21
CVE-2025-12888 Constant Time Issue with Xtensa-based ESP32 and X22519 CWE-203 5.9 -2025-11-21
CVE-2025-11936 Potential DoS Vulnerability through Multiple KeyShareEntry with Same Group in TLS 1.3 ClientHello CWE-20 7.5 -2025-11-21
CVE-2025-11933 DoS Vulnerability in wolfSSL TLS 1.3 CKS Extension CWE-20 7.5 -2025-11-21
CVE-2025-11934 Improper Validation of Signature Algorithm Used in TLS 1.3 CertificateVerify CWE-20 5.3 -2025-11-21
CVE-2025-11935 Forward Secrecy Violation in WolfSSL TLS 1.3 CWE-326 8.1 -2025-11-21
CVE-2025-7396 Curve25519 Blinding 6.8 -2025-07-18
CVE-2025-7394 OpenSSL 安全漏洞 CWE-200 5.3 -2025-07-18
CVE-2025-7395 Domain Name Validation Bypass with Apple Native Certificate Validation CWE-295 7.5 -2025-07-18
CVE-2024-1543 AES T-Table sub-cache-line leakage CWE-208 4.1 Medium2024-08-29
CVE-2024-1544 ECDSA nonce bias caused by truncation CWE-203 4.1 Medium2024-08-27
CVE-2024-5814 Unverifed Ciphersuite used on a client-side TLS1.3 Downgrade 7.5AIHighAI2024-08-27
CVE-2024-5288 Safe-error attack on TLS 1.3 Protocol CWE-922 5.1 Medium2024-08-27
CVE-2024-5991 Buffer overread in domain name matching CWE-125 9.1AICriticalAI2024-08-27
CVE-2024-0901 SEGV and out of bounds memory read from malicious packet CWE-129 7.5 High2024-03-25
CVE-2023-6936 Heap-buffer over-read with WOLFSSL_CALLBACKS 5.3 Medium2024-02-20
CVE-2023-6937 Improper (D)TLS key boundary enforcement CWE-20 5.3 Medium2024-02-15
CVE-2023-6935 Marvin Attack vulnerability in SP Math All RSA CWE-203 5.9 Medium2024-02-09
CVE-2023-3724 TLS 1.3 client issue handling malicious server when not including a KSE and PSK extension CWE-20 9.1 Critical2023-07-17
CVE-2018-16870 wolfSSL 加密问题漏洞 CWE-200 5.9 -2019-01-03
CVE-2017-13099 wolfSSL Bleichenbacher/ROBOT CWE-203 5.9 -2017-12-13

All 61 known CVE vulnerabilities affecting wolfssl with full Chinese analysis, references, and POCs where available.