CVE-2026-8720
CVE-2026-8720 affects wolfSSL’s HMAC-BLAKE2 APIs (wc_Blake2bHmacFinal, wc_Blake2sHmacFinal). When the supplied key length exceeds the BLAKE2 block size, the key-hashing branch reinitializes the running hash state and discards accumulated message data, causing the MAC to depend only on the key and...