Zero Day MonitorZDM

← Back to list

—

CVE-2026-5194EXPLOITEDPATCHED

wolfssl · wolfssl

wolfSSL ECDSA Certificate Verification

Description

Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication if the public CA key used is also known. This affects ECDSA/ECC verification when EdDSA or ML-DSA is also enabled.

Affected Products

Vendor	Product	Versions
wolfssl	wolfssl	3.12.0, 5.9.0

References

https://github.com/wolfSSL/wolfssl/pull/10131(patch)

Related News (1 articles)

Tier C

VulDB2h ago

CVE-2026-5194 | wolfSSL up to 5.9.0 Hash/Digest certificate validation

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

5.9.1

CWECWE-295

PublishedApr 9, 2026

Last enriched2h agov2

Tags

CVE-2026-5194

Trending Score50

Source articles1

Independent1

Info Completeness8/14

Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-5263EXP

URI nameConstraints not enforced in ConfirmNameConstraints()

CRITICALCVE-2026-5446EXP

wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse

CRITICALCVE-2026-5447EXP

Heap buffer overflow in CertFromX509() via AuthorityKeyIdentifier

CRITICALCVE-2026-5503EXP

out-of-bounds write in TLSX_EchChangeSNI via attacker-controlled publicName

CRITICALCVE-2026-5501EXP

Improper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf Certificates

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 9, 2026

Actively Exploited

Apr 9, 2026

Patch Available

Apr 9, 2026

Discovered by ZDM

Apr 9, 2026

Updated: severity, affectedVersions, activelyExploited, tags

Apr 10, 2026

Version History

v2

Last enriched 2h ago

v2Tier C2h ago

Updated severity to CRITICAL, added affected version 5.9.0, and noted that the vulnerability is actively exploited.

severityaffectedVersionsactivelyExploitedtags

via VulDB

v110h ago

Initial creation