Skip to main content

Wolfssl EUVD-2026-21292

| CVE-2026-5479 HIGH
Improper Validation of Integrity Check Value (CWE-354)
2026-04-10 wolfSSL GHSA-3xr8-r75g-g9c6
Information Disclosure Wolfssl
7.6
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.6 HIGH
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

7
Re-analysis Queued
Apr 29, 2026 - 13:52 vuln.today
cvss_changed
Analysis Updated
Apr 16, 2026 - 05:59 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
5.9.1
EUVD ID Assigned
Apr 10, 2026 - 03:45 euvd
EUVD-2026-21292
Analysis Generated
Apr 10, 2026 - 03:45 vuln.today
CVE Published
Apr 10, 2026 - 02:38 nvd
HIGH 7.6

DescriptionCVE.org

In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSL_EVP_CipherFinal (and related EVP cipher finalization functions) fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption, the implementation computes or accepts the tag but does not compare it against the expected value.

AnalysisAI

ChaCha20-Poly1305 AEAD decryption in wolfSSL's EVP layer bypasses authentication tag verification, allowing unauthenticated adjacent attackers to inject arbitrary ciphertext that is decrypted and returned as plaintext without cryptographic validation. Affects wolfSSL versions prior to 5.9.1. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious ChaCha20-Poly1305 ciphertext
Exploit
Call wolfSSL_EVP_CipherFinal with invalid tag
Execution
Receive plaintext without tag verification
Impact
Exploit authentication bypass
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Requires application using wolfSSL's EVP API for ChaCha20-Poly1305 AEAD decryption. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment CVSS 7.6 reflects high confidentiality impact from authentication bypass in ChaCha20-Poly1305 decryption. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario Attacker on adjacent network sends crafted ChaCha20-Poly1305 ciphertext to application using wolfSSL EVP API. Application decrypts and returns plaintext without tag verification, leaking unencrypted data despite cryptographic implementation. …
Remediation Vendor-released patch: upgrade to wolfSSL 5.9.1 or later, which implements proper tag verification in EVP cipher finalization path. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 24 hours: Inventory all systems and applications using wolfSSL versions prior to 5.9.1, particularly those leveraging EVP API for ChaCha20-Poly1305 operations. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-21292 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy