EUVD-2026-31398

golang.org/x/crypto/ssh: Invoking VerifiedPublicKeyCallback permissions skip enforcement...

EUVD-2026-31399

golang.org/x/crypto/ssh/knownhosts vulnerable to auth bypass via unenforced @revoked status...

EUVD-2026-31395

golang.org/x/crypto/ssh: FIDO/U2F security key physical presence check can be bypassed...

EUVD-2026-31396

golang.org/x/crypto/ssh: Invoking pathological RSA/DSA parameters may cause DoS...

EUVD-2026-31402

golang.org/x/crypto/ssh/agent: Invoking pathological inputs can lead to client panic...

CVE-2026-8720

CVE-2026-8720 affects wolfSSL’s HMAC-BLAKE2 APIs introduced in version 5.9.0. When the input key length exceeds the BLAKE2 block size, the implementation reinitializes the running hash state in the key-hashing branch, discarding accumulated message data. As a result, the produced MAC may become i...

EUVD-2026-39554

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

CVE-2026-7531

CVE-2026-7531 describes a use-after-free in PQC hybrid key-share handling. A malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can trigger the error cleanup path to operate on freed memory. This is an incomplete-fix follow-up to CVE-2026-5460 (5.9.1). The provided connected documen...

EUVD-2026-39547

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...

CVE-2026-12340

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...

CVE-2026-12340

CVE-2026-12340 involves an out-of-bounds heap read in WolfSSL when verifying SM2/SM3 certificates. The bug occurs during Subject Key Identifier computation: the code reads the trailing 65 bytes of the public key without verifying the key length, causing a potential crash (denial of service) for b...

EUVD-2026-39545

Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

CVE-2026-55960

Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

CVE-2026-55960

The CVE-2026-55960 entry describes a vulnerability in wolfSSL builds that support Raw Public Key (RPK). Un-negotiated Raw Public Key (RFC 7250) could be accepted in place of an X.509 certificate by ParseCertRelative(), bypassing trust checks, because a raw public key has no chain. The fix/workaro...

EUVD-2026-39544

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

CVE-2026-55964

CVE-2026-55964 describes a change in certificate path validation affecting OpenSSL-compatibility path building (X509_verify_cert / X509_STORE). Previously, chain-supplied temporary CAs (WOLFSSL_TEMP_CA) could be accepted as signing CAs even if the intermediate CA had CA:TRUE but lacked keyCertSig...

CVE-2026-4930

SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations AES encryption/decryption and hashing. DPA Countermeasures on SYMCRYPTO can be weakened reduced entropy by forcing certain seed values if an attacker gains code...

CVE-2026-4930

CVE-2026-4930 concerns SIxG301’s SYMCRYPTO, a host-side hardware engine exposed to the PSA Crypto library to accelerate symmetric operations (AES and hashing). The reported issue is that DPA countermeasures on SYMCRYPTO can be weakened by forcing certain seed values if an attacker achieves code e...

EUVD-2026-39534

SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations AES encryption/decryption and hashing. DPA Countermeasures on SYMCRYPTO can be weakened reduced entropy by forcing certain seed values if an attacker gains code...