Which versions of Wolfssl are affected by CVE-2026-2645?

CVE-2026-2645 presents moderate security risk rated CVSS 5.5. Exploitation could compromise the security of affected deployments.. A patch is available.

How to fix or mitigate CVE-2026-2645?

Within 30 days: Identify affected systems running the TLS 1.2 server state machine implementation. The server and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Wolfssl CVE-2026-2645

Q: What is the CVSS score of CVE-2026-2645?

CVE-2026-2645 has a CVSS 4.0 base score of 5.5 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-13135 MEDIUM

Improperly Implemented Security Check for Standard (CWE-358)

2026-03-19 wolfSSL

Information Disclosure Wolfssl

5.5

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

5.5 MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Scope

Lifecycle Timeline

Patch available

Apr 16, 2026 - 05:29 EUVD

5.8.4

EUVD ID Assigned

Mar 19, 2026 - 18:00 euvd

EUVD-2026-13135

Analysis Generated

Mar 19, 2026 - 18:00 vuln.today

CVE Published

Mar 19, 2026 - 17:10 nvd

MEDIUM 5.5

DescriptionCVE.org

In wolfSSL 5.8.2 and earlier, a logic flaw existed in the TLS 1.2 server state machine implementation. The server could incorrectly accept the CertificateVerify message before the ClientKeyExchange message had been received. This issue affects wolfSSL before 5.8.4 (wolfSSL 5.8.2 and earlier is vulnerable, 5.8.4 is not vulnerable). In 5.8.4 wolfSSL would detect the issue later in the handshake. 5.9.0 was further hardened to catch the issue earlier in the handshake.

AnalysisAI

CVE-2026-2645 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures.

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment	CVSS 5.5. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker could exploit this vulnerability in the affected application to compromise the security of affected deployments, potentially impacting confidentiality, integrity, or availability.
Remediation	Monitor vendor channels for patch availability. Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 30 days: Identify affected systems running the TLS 1.2 server state machine implementation. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-2645 vulnerability details – vuln.today

Back