Which versions of Wolfssl are affected by CVE-2026-5500?

CVE-2026-5500 affects wolfSSL's PKCS7 AuthEnvelopedData processing, allowing attackers to weaken cryptographic authentication tags and bypass integrity verification on encrypted communications.

How to fix or mitigate CVE-2026-5500?

Within 24 hours: Inventory all applications and systems using wolfSSL, specifically identifying those processing PKCS7 AuthEnvelopedData structures; communicate findings to application owners. Within 7 days: Implement network segmentation and monitoring to detect anomalous AES-GCM tag modifications; evaluate migration to alternative cryptographic libraries or isolated deployment environments. Within 30 days: Contact wolfSSL for patch availability timeline; if patches are released, conduct regression testing and deploy to wolfSSL 5.10.0 or later immediately upon availability; maintain enhanced monitoring until patched.

Wolfssl CVE-2026-5500

Q: What is the CVSS score of CVE-2026-5500?

CVE-2026-5500 has a CVSS 4.0 base score of 8.7 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

EUVD-2026-21293 HIGH

Improper Input Validation (CWE-20)

2026-04-10 wolfSSL

GHSA-m77r-vqw2-hffx

Information Disclosure Wolfssl

8.7

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

8.7 HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Re-analysis Queued

Apr 27, 2026 - 18:22 vuln.today

cvss_changed

EUVD ID Assigned

Apr 10, 2026 - 03:45 euvd

EUVD-2026-21293

Analysis Generated

Apr 10, 2026 - 03:45 vuln.today

CVE Published

Apr 10, 2026 - 03:10 nvd

HIGH 8.7

DescriptionCVE.org

wolfSSL's wc_PKCS7_DecodeAuthEnvelopedData() does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. A man-in-the-middle can therefore truncate the mac field from 16 bytes to 1 byte, reducing the tag check from 2⁻¹²⁸ to 2⁻⁸.

AnalysisAI

Man-in-the-middle attackers can truncate AES-GCM authentication tags in wolfSSL's PKCS7 AuthEnvelopedData processing from 16 bytes to 1 byte, degrading cryptographic integrity verification from 2⁻¹²⁸ to 2⁻⁸ probability. Affects wolfSSL versions through 5.9.0 due to missing lower bounds validation in wc_PKCS7_DecodeAuthEnvelopedData(). …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Position as MITM on network path

Delivery

Intercept PKCS7 AuthEnvelopedData message

Exploit

Truncate AES-GCM authentication tag to 1 byte

Execution

Forge modified ciphertext with invalid tag

Persist

wolfSSL accepts forged data due to weak tag validation

Impact

Attacker achieves integrity bypass