Wolfssl Latest Vulnerabilities

Client Certificate Authentication Flaw in wolfssl Python Package

CVE-2025-15346

WolfsslWolfssl-py9.3CRITICAL

Heap Buffer Over-read Vulnerability in wolfSSH by wolfSSL

CVE-2025-15382

WolfsslWolfssh5.1MEDIUM

Key Exchange Manipulation in wolfSSH Client Applications from wolfSSL

CVE-2025-14942

WolfsslWolfssh9.4CRITICAL

Timing Side-Channel Vulnerability in wolfSSL

CVE-2025-13912

WolfsslWolfssl1LOW

Weak Digest Algorithm Vulnerability in wolfSSL TLS 1.2

CVE-2025-12889

WolfsslWolfssl2.3LOW

Information Disclosure in wolfSSL TLS 1.3 PSK Binder Verification

CVE-2025-11932

WolfsslWolfssl2.3LOW

Integer Underflow in XChaCha20-Poly1305 Decrypt Affects wolfSSL

CVE-2025-11931

WolfsslWolfssl2.1LOW

Timing Side Channel Vulnerability in X25519 Implementations on ESP32 Chips

CVE-2025-12888

WolfsslWolfssl1LOW

Improper Input Validation in wolfSSL Affects Multiple Platforms

CVE-2025-11936

WolfsslWolfssl6.3MEDIUM

Improper Input Validation in wolfSSL Affects Signature Algorithm Negotiation

CVE-2025-11934

WolfsslWolfssl2.1LOW

TLS 1.3 Vulnerability in wolfSSL Affecting Secure Connections

CVE-2025-11935

WolfsslWolfssl6.3MEDIUM

Improper Host Authentication in wolfSSH Clients by wolfSSL

CVE-2025-11625

WolfsslWolfssh9.4CRITICAL

Stack Buffer Overrun in RSA Key Export for TPM 2.0 Module by wolfSSL

CVE-2025-7844

Wolfssl Inc.Wolftpm1LOW

Curve25519 Blinding Vulnerability in wolfSSL by wolfSSL

CVE-2025-7396

WolfsslWolfssl5.6MEDIUM

Weak Random Number Generation in wolfSSL After Fork Operations

CVE-2025-7394

WolfsslWolfssl7HIGH

Certificate Verification Error in wolfSSL Affects Security of Various Applications

CVE-2025-7395

WolfsslWolfssl9.2CRITICAL

Fault Injection vulnerability in wolfssl/wolfcrypt/src/ed25519.c allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure.

CVE-2024-2881

WolfsslWolfcrypt8.8HIGH

Fault Injection Vulnerability Affects WolfSSL on Linux/Windows

CVE-2024-1545

WolfsslWolfcrypt5.9MEDIUM

Side-Channel Protection Against Cache-Line Resolution Attacks

CVE-2024-1543

WolfsslWolfssl5.5MEDIUM

Side-Channel Attack on ECDSA Nonce k Generation Reveals Significant Bias

CVE-2024-1544

WolfsslWolfssl4.1MEDIUM

Ciphersuite Downgrade Attack via Skipping Fully Parsing Server Hello

CVE-2024-5814

WolfsslWolfssl

Safe-error attack via Rowhammer leads to ECDSA key disclosure

CVE-2024-5288

Wolfssl Inc.Wolfssl5.9MEDIUM

Function MatchDomainName() vulnerable to buffer overflow due to unchecked user input

CVE-2024-5991

WolfsslWolfssl7.5HIGH

Malicious Packet Sender Can Crash or Cause Out of Bounds Read

CVE-2024-0901

WolfsslWolfssl7.5HIGH

Unauthorized Access Vulnerability in WolfSSH Server-Side State Machine Before Versions 1.4.17

CVE-2024-2873

Wolfssl Inc.Wolfssh9.1CRITICAL

wolfssl Latest Vulnerabilities

Vulnerability Published:

Sort By:

7 January 2026

Client Certificate Authentication Flaw in wolfssl Python Package

6 January 2026

Heap Buffer Over-read Vulnerability in wolfSSH by wolfSSL

Key Exchange Manipulation in wolfSSH Client Applications from wolfSSL

11 December 2025

Timing Side-Channel Vulnerability in wolfSSL

21 November 2025

Weak Digest Algorithm Vulnerability in wolfSSL TLS 1.2

Information Disclosure in wolfSSL TLS 1.3 PSK Binder Verification

Integer Underflow in XChaCha20-Poly1305 Decrypt Affects wolfSSL

Timing Side Channel Vulnerability in X25519 Implementations on ESP32 Chips

Improper Input Validation in wolfSSL Affects Multiple Platforms

Improper Input Validation in wolfSSL Affects Signature Algorithm Negotiation

TLS 1.3 Vulnerability in wolfSSL Affecting Secure Connections

21 October 2025

Improper Host Authentication in wolfSSH Clients by wolfSSL

4 August 2025

Stack Buffer Overrun in RSA Key Export for TPM 2.0 Module by wolfSSL

18 July 2025

Curve25519 Blinding Vulnerability in wolfSSL by wolfSSL

Weak Random Number Generation in wolfSSL After Fork Operations

Certificate Verification Error in wolfSSL Affects Security of Various Applications

30 August 2024

Fault Injection vulnerability in wolfssl/wolfcrypt/src/ed25519.c allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure.

29 August 2024

Fault Injection Vulnerability Affects WolfSSL on Linux/Windows

Side-Channel Protection Against Cache-Line Resolution Attacks

27 August 2024

Side-Channel Attack on ECDSA Nonce k Generation Reveals Significant Bias

Ciphersuite Downgrade Attack via Skipping Fully Parsing Server Hello

Safe-error attack via Rowhammer leads to ECDSA key disclosure

Function MatchDomainName() vulnerable to buffer overflow due to unchecked user input

25 March 2024

Malicious Packet Sender Can Crash or Cause Out of Bounds Read

Unauthorized Access Vulnerability in WolfSSH Server-Side State Machine Before Versions 1.4.17