CVE-2026-3230 Improper key_share validation in TLS 1.3 HelloRetryRequest

Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required keyshare extension,...

libsoup: NULL pointer dereference in client when server omits the "nonce" parameter in an Unauthorized response with Digest authentication

A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash...