Wolfssl
This hub aggregates every CVE we track for Wolfssl, a product in the OSS libraries space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 141
- Critical: 25
- High: 51
- In CISA KEV: 0
Severity distribution
- Medium: 62
- High: 51
- Critical: 25
- Low: 3
Monthly trend
Chart values as extracted, 2024-08 to 2026-07: 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 8, 0, 0, 0, 15, 22, 0, 32, 0
Latest CVEs
The 15 most recently published vulnerabilities affecting Wolfssl.
- CVE-2026-7511: PKCS7_verify signer confusion allows forged signatures to be accepted (7.5)
- CVE-2026-7532: iPAddress name constraints not enforced when WOLFSSL_IP_ALT_NAME is undefined (7.5)
- CVE-2026-8720: HMAC-BLAKE2 final discards message when key length exceeds block size (7.5)
- CVE-2026-10098: OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status (5.3)
- CVE-2026-11703: Missing SNI/ALPN binding on stateful (session-ID) TLS session resumption (7.5)
- CVE-2026-55962: TLS 1.3 post-handshake authentication: server accepts Finished without client Certificate/CertificateVerify (6.5)
- CVE-2026-6092: Encrypt-then-MAC could fall back to MAC-then-Encrypt when HAVE_ENCRYPT_THEN_MAC is configured (5.3)
- CVE-2026-6325: Out-of-bounds write in SetSuitesHashSigAlgo on oversized signature algorithms list (7.5)
- CVE-2026-6329: PKCS#12 MAC verification uses attacker-controlled comparison length (6.5)
- CVE-2026-6330: ML-KEM ARM64 NEON ciphertext comparison only compares half of the input (6.5)
- CVE-2026-6331: HMAC zero-length tag forgery in EVP_DigestVerifyFinal (7.5)
- CVE-2026-6412: Continued acceptance of SHA-1/MD5 digests in certificate processing (4.3)
- CVE-2026-6450: CRL critical extension bypass in ParseCRL_Extensions (5.3)
- CVE-2026-6678: Integer underflow in wc_PKCS7_DecryptOri handling crafted Other Recipient Info (5.3)
- CVE-2026-6679: DTLS 1.3 ACK serialization heap buffer overflow via integer truncation (7.5)
Product normalization is registry-driven with AI assist and human review.