CVE-2026-5194

UNKNOWN 0.0

wolfSSL ECDSA Certificate Verification

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

10th

Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication if the public CA key used is also known. This affects ECDSA/ECC verification when EdDSA or ML-DSA is also enabled.

CWE	CWE-295
Vendor	wolfssl
Product	wolfssl
Published	Apr 9, 2026
Last Updated	Apr 10, 2026

Stay Ahead of the Next One

Get instant alerts for wolfssl wolfssl

Be the first to know when new unknown vulnerabilities affecting wolfssl wolfssl are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

wolfSSL / wolfSSL

3.12.0 < 5.9.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/wolfSSL/wolfssl/pull/10131

Credits

Nicholas Carlini from Anthropic