CVE-2026-6091

UNKNOWN 0.0

Partial-chain verification accepts untrusted intermediate as trust anchor

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at an intermediate they control and have it accepted as valid. This affects the OpenSSL compatibility certificate-path-building path (wolfSSL_X509_verify_cert / X509_STORE, OPENSSL_EXTRA) when the X509_V_FLAG_PARTIAL_CHAIN verify flag is enabled.

CWE	CWE-295
Vendor	wolfssl
Product	wolfssl
Published	Jun 25, 2026
Last Updated	Jun 25, 2026

Stay Ahead of the Next One

Get instant alerts for wolfssl wolfssl

Be the first to know when new unknown vulnerabilities affecting wolfssl wolfssl are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

wolfSSL / wolfSSL

5.7.4 ≤ 5.9.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/wolfSSL/wolfssl/pull/10170 wolfssl.com: https://www.wolfssl.com/docs/security-vulnerabilities/

Credits

Dikai Zou