Vulnerabilities in WolfSSL
94 resultsCVE-2026-5500HIGHImproper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication BypassEPSS 0.4%CVE-2025-14942CRITICALAuthentication BypassEPSS 0.4%CVE-2024-1544MEDIUMECDSA nonce bias caused by truncationEPSS 0.3%CVE-2026-4395LOWHeap-based buffer overflow in wc_ecc_import_x963_ex KCAPI pathEPSS 0.3%CVE-2025-15382MEDIUMClient SCP Request Triggers Buffer Overread by 1 ByteEPSS 0.3%CVE-2025-11931LOWInteger Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 DecryptEPSS 0.3%CVE-2026-55958HIGHRenesas TSIP TLS 1.3 transcript buffer out-of-bounds write in tsip_StoreMessageEPSS 0.3%CVE-2026-7531LOWUse-after-free in PQC hybrid key-share handlingEPSS 0.3%CVE-2026-5187LOWHeap Out-of-Bounds Write in DecodeObjectId() in wolfSSLEPSS 0.3%CVE-2026-5460MEDIUMHeap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.3EPSS 0.3%CVE-2025-15346CRITICALwolfSSL Python library `CERT_REQUIRED` mode fails to enforce client certificate requirementEPSS 0.3%CVE-2025-12888LOWConstant Time Issue with Xtensa-based ESP32 and X22519EPSS 0.3%CVE-2026-3579LOWNon-constant time multiplication subroutine __muldi3 on RISC-V RV32IEPSS 0.3%CVE-2026-11703MEDIUMMissing SNI/ALPN binding on stateful (session-ID) TLS session resumptionEPSS 0.3%CVE-2026-5446MEDIUMwolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuseEPSS 0.3%CVE-2026-6094MEDIUMHeap buffer overread in wc_PKCS7_DecodeEnvelopedData parsing crafted PKCS7 EnvelopedDataEPSS 0.3%CVE-2026-3547HIGHwolfSSL: out-of-bounds read (DoS) in ALPN parsing due to incomplete validationEPSS 0.3%CVE-2026-1005LOWInteger underflow leads to out-of-bounds access in sniffer AES-GCM/CCM/ARIA-GCM decrypt pathEPSS 0.3%CVE-2025-11932LOWTiming Side-Channel in PSK Binder VerificationEPSS 0.2%CVE-2026-5772LOWMatchDomainName 1-Byte Stack Buffer Over-Read in Hostname ValidationEPSS 0.2%