Which versions of Wolfssl are affected by CVE-2026-5479?

wolfSSL versions prior to 5.9.1 contain a critical authentication bypass in ChaCha20-Poly1305 decryption that allows adjacent network attackers to inject malicious ciphertext without cryptographic…. A patch is available.

How to fix or mitigate CVE-2026-5479?

Within 24 hours: Inventory all systems and applications using wolfSSL versions prior to 5.9.1, particularly those leveraging EVP API for ChaCha20-Poly1305 operations. Within 7 days: Apply vendor-released patch by upgrading to wolfSSL 5.9.1 or later across development, staging, and production environments. Within 30 days: Conduct code review of custom implementations using EVP-based AEAD decryption and validate patch deployment across all endpoints.

Wolfssl CVE-2026-5479

Q: What is the CVSS score of CVE-2026-5479?

CVE-2026-5479 has a CVSS 4.0 base score of 7.6 (High). CVSS vector: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-21292 HIGH

Improper Validation of Integrity Check Value (CWE-354)

2026-04-10 wolfSSL

GHSA-3xr8-r75g-g9c6

Information Disclosure Wolfssl

7.6

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

7.6 HIGH

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Re-analysis Queued

Apr 29, 2026 - 13:52 vuln.today

cvss_changed

Analysis Updated

Apr 16, 2026 - 05:59 EUVD-patch-fix

executive_summary

Re-analysis Queued

Apr 16, 2026 - 05:29 backfill_euvd_patch

patch_released

Patch available

Apr 16, 2026 - 05:29 EUVD

5.9.1

EUVD ID Assigned

Apr 10, 2026 - 03:45 euvd

EUVD-2026-21292

Analysis Generated

Apr 10, 2026 - 03:45 vuln.today

CVE Published

Apr 10, 2026 - 02:38 nvd

HIGH 7.6

DescriptionCVE.org

In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSL_EVP_CipherFinal (and related EVP cipher finalization functions) fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption, the implementation computes or accepts the tag but does not compare it against the expected value.

AnalysisAI

ChaCha20-Poly1305 AEAD decryption in wolfSSL's EVP layer bypasses authentication tag verification, allowing unauthenticated adjacent attackers to inject arbitrary ciphertext that is decrypted and returned as plaintext without cryptographic validation. Affects wolfSSL versions prior to 5.9.1. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Craft malicious ChaCha20-Poly1305 ciphertext

Exploit

Call wolfSSL_EVP_CipherFinal with invalid tag

Execution

Receive plaintext without tag verification

Impact

Exploit authentication bypass