CVE-2026-3549
- EPSS 0.49%
- Veröffentlicht 19.03.2026 20:09:27
- Zuletzt bearbeitet 26.03.2026 18:21:41
Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by default, and t...
CVE-2026-3580
- EPSS 0.13%
- Veröffentlicht 19.03.2026 19:46:58
- Zuletzt bearbeitet 23.03.2026 18:57:07
In wolfSSL 5.8.4, constant-time masking logic in sp_256_get_entry_256_9 is optimized into conditional branches (bnez) by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, po...
CVE-2026-3579
- EPSS 0.27%
- Veröffentlicht 19.03.2026 19:37:23
- Zuletzt bearbeitet 23.03.2026 18:56:41
wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time software implementation for 64-bit multiplication. The compiler-inserted __muldi3 subroutine executes in variable time based on operand values. This affects multiple SP math functions ...
CVE-2026-3503
- EPSS 0.15%
- Veröffentlicht 19.03.2026 18:12:26
- Zuletzt bearbeitet 29.04.2026 17:28:53
Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults th...
CVE-2026-3548
- EPSS 0.47%
- Veröffentlicht 19.03.2026 17:45:16
- Zuletzt bearbeitet 29.04.2026 18:41:38
Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized...
CVE-2026-2646
- EPSS 0.12%
- Veröffentlicht 19.03.2026 17:25:42
- Zuletzt bearbeitet 29.04.2026 18:42:47
A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSL_d2i_SSL_SESSION() function. When deserializing session data with SESSION_CERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, al...
CVE-2026-2645
- EPSS 0.13%
- Veröffentlicht 19.03.2026 17:10:22
- Zuletzt bearbeitet 29.04.2026 18:47:49
In wolfSSL 5.8.2 and earlier, a logic flaw existed in the TLS 1.2 server state machine implementation. The server could incorrectly accept the CertificateVerify message before the ClientKeyExchange message had been received. This issue affects wolfSS...
CVE-2026-1005
- EPSS 0.25%
- Veröffentlicht 19.03.2026 17:00:10
- Zuletzt bearbeitet 29.04.2026 18:48:38
Integer underflow in wolfSSL packet sniffer <= 5.8.4 allows an attacker to cause a buffer overflow in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by ssl_DecodePacket. ...
CVE-2026-0819
- EPSS 0.1%
- Veröffentlicht 19.03.2026 16:54:33
- Zuletzt bearbeitet 29.04.2026 18:50:05
A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wc_PKCS7_BuildSignedAttributes(), when adding custom signed attributes, the code passes an incorrect capacity value (esd->signedAttribsCount) to Enc...
- EPSS 0.12%
- Veröffentlicht 11.12.2025 17:09:59
- Zuletzt bearbeitet 15.04.2026 00:35:42
Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through ...