47639 matches found
CVE-2026-7511
CVE-2026-7511 describes a signer-confusion in PKCS7_verify where the signer for a signature is not correctly bound, allowing a forged signature to be accepted. The reported CVSSv4.0 metrics indicate an Adjacent attack vector, High attack complexity, requiring a present exploit and user interactio...
EUVD-2026-39547
Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...
EUVD-2026-39548
X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra OPENSSLEXTRA and whose application validates certificates by calling X509verifycert with caller-supplied untrusted intermediate certificates; for...
CVE-2026-6329
CVE-2026-6329 describes a vulnerability in PKCS#12 MAC verification in wolfSSL where the verification uses an attacker-controlled comparison length. The PKCS#12 verify path compares the locally computed HMAC against the MAC parsed from the PKCS#12 structure using a length taken directly from atta...
CVE-2026-6331
CVE-2026-6331 describes a vulnerability in the OpenSSL-compatibility HMAC verify path where EVP_DigestVerifyFinal could accept a zero-length or truncated tag. The root cause is insufficient validation of the supplied signature length, which was only checked to not exceed the MAC length rather tha...
CVE-2026-11310
The CVE-2026-11310 entry concerns wolfSSL’s X509_verify_cert() when built with --enable-opensslextra (OPENSSL_EXTRA) and used by applications that pass untrusted intermediates to X509_verify_cert(). The root cause is that wolfSSL temporarily loads untrusted intermediates into the certificate mana...
CVE-2026-11310
X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra OPENSSLEXTRA and whose application validates certificates by calling X509verifycert with caller-supplied untrusted intermediate certificates; for...
CVE-2026-12340
CVE-2026-12340 involves an out-of-bounds heap read in WolfSSL when verifying SM2/SM3 certificates. The bug occurs during Subject Key Identifier computation: the code reads the trailing 65 bytes of the public key without verifying the key length, causing a potential crash (denial of service) for b...
CVE-2026-12340
Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...
CVE-2026-55960
Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...
CVE-2026-6091
Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at an intermediate they control and have it accepted as valid. This affects the OpenSSL...
CVE-2026-11999
CVE-2026-11999 affects wolfSSL when built with --enable-opensslextra. The X509_verify_cert() path-depth exhaustion in wolfSSL_X509_verify_cert() can allow an attacker-controlled certificate to be accepted if the caller supplies untrusted intermediates and the chain depth exceeds the verifier’s ma...
CVE-2026-11999 X.509 trust-chain bypass via path-depth exhaustion in wolfSSL_X509_verify_cert()
X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...
CVE-2026-55961
wolfSSLPKCS7verify returning success for a degenerate certs-only PKCS7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The compatibility-layer verify path now rejects the object when no...
CVE-2026-55961
The CVE describes a flaw in wolfSSL where wolfSSL_PKCS7_verify() incorrectly reported success for a degenerate PKCS#7 object that contains no signer. In such objects, signerInfos is empty, so underlying signed-data verification could succeed without authenticating any content. The fix enforces th...
CVE-2026-55961 wolfSSL_PKCS7_verify() reports success for degenerate (certs-only) PKCS#7 with no signer
wolfSSLPKCS7verify returning success for a degenerate certs-only PKCS7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The compatibility-layer verify path now rejects the object when no...
EUVD-2026-39491
wolfSSLPKCS7verify returning success for a degenerate certs-only PKCS7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The compatibility-layer verify path now rejects the object when no...
CVE-2026-55700
pnpm stage download (affecting 11.3.0–11.5.3) allowed a crafted manifest to derive a local filename from package name and version, enabling the download to escape the target directory and overwrite a reachable file. The merged fix validates both fields, derives a single safe filename, and verifie...
EUVD-2026-39486
Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at an intermediate they control and have it accepted as valid. This affects the OpenSSL...
CVE-2026-6091
Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. The vulnerability affects the wolfSSL OpenSSL compatibility certificate-path-building path (wolfSSL_X509_verify_cert / X509_STORE, OPENSSL_E...