CVE-2026-3230
Improper key_share validation in TLS 1.3 HelloRetryRequest
CVSS Score
0.0
EPSS Score
0.1%
EPSS Percentile
26th
Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required key_share extension, resulting in derivation of predictable traffic secrets from (EC)DHE shared secret. This issue does not affect the client's authentication of the server during TLS handshakes.
| CWE | CWE-20 |
| Vendor | wolfssl |
| Product | wolfssl |
| Published | Mar 19, 2026 |
| Last Updated | Mar 20, 2026 |
Stay Ahead of the Next One
Get instant alerts for wolfssl wolfssl
Be the first to know when new unknown vulnerabilities affecting wolfssl wolfssl are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
wolfSSL / wolfSSL
0 < 5.9.0
References
Credits
Jaehun Lee, Pohang University of Science and Technology (POSTECH) Kyungmin Bae, Pohang University of Science and Technology (POSTECH)