Known Vulnerabilities for products from WolfSSL
Listed below are 20 of the newest known vulnerabilities associated with the vendor "WolfSSL".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-5778 json | Not Provided | 2026-04-09 | 2026-04-09 | |
| CVE-2026-5504 json | Not Provided | 2026-04-09 | 2026-04-09 | |
| CVE-2026-5501 json | Not Provided | 2026-04-10 | 2026-04-10 | |
| CVE-2026-5500 json | Not Provided | 2026-04-10 | 2026-04-10 | |
| CVE-2026-5479 json | Not Provided | 2026-04-10 | 2026-04-10 | |
| CVE-2026-5466 json | Not Provided | 2026-04-10 | 2026-04-10 | |
| CVE-2026-5460 json | Not Provided | 2026-04-10 | 2026-04-09 | |
| CVE-2026-5448 json | Not Provided | 2026-04-10 | 2026-04-09 | |
| CVE-2026-5446 json | Not Provided | 2026-04-09 | 2026-04-09 | |
| CVE-2026-5393 json | Not Provided | 2026-04-10 | 2026-04-09 | |
| CVE-2023-3724 json | If a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension) when connecting to a malici... | 8.8 - HIGH | 2023-07-17 | 2023-07-28 |
| CVE-2022-42961 json | An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure.... | 5.3 - MEDIUM | 2022-10-15 | 2022-10-20 |
| CVE-2022-42905 json | In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client ... | 9.1 - CRITICAL | 2022-11-07 | 2023-02-15 |
| CVE-2022-39173 json | In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake. This occurs when an attack... | 7.5 - HIGH | 2022-09-29 | 2023-08-08 |
| CVE-2022-38153 json | An issue was discovered in wolfSSL before 5.5.0 (when --enable-session-ticket is used); however, only version 5.3.0 is exploi... | 5.9 - MEDIUM | 2022-08-31 | 2023-03-01 |
| CVE-2022-38152 json | An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSL_clear is called o... | 7.5 - HIGH | 2022-08-31 | 2023-03-01 |
| CVE-2022-34293 json | wolfSSL before 5.4.0 allows remote attackers to cause a denial of service via DTLS because a check for return-routability can... | 7.5 - HIGH | 2022-08-08 | 2022-08-12 |
| CVE-2022-25640 json | In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simpl... | 7.5 - HIGH | 2022-02-24 | 2023-08-08 |
| CVE-2022-25638 json | In wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS ... | 6.5 - MEDIUM | 2022-02-24 | 2022-03-04 |
| CVE-2022-23408 json | wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections (without AEAD) using AES-C... | 9.1 - CRITICAL | 2022-01-18 | 2022-01-27 |