Implicit Rejection Failure in Fujisaki-Okamoto Transform of Fujitsu's ML-KEM-1024
CVE-2026-10097

6.3 MEDIUM

Key Information:

Vendor: Wolfssl
Status: Vendor
CVE Published: 25 June 2026

What is CVE-2026-10097?

The Fujisaki-Okamoto transform in Fujitsu's ML-KEM-1024 implementation fails to apply implicit rejection correctly when AVX2 is used for the constant-time ciphertext comparison. During decapsulation, the last 32 bytes of the 1568-byte ciphertext are never compared against the re-encrypted ciphertext. An attacker who modifies those final bytes can therefore have a tampered ciphertext accepted as valid instead of being implicitly rejected, which allows unauthorized retrieval of shared secrets and compromises the confidentiality and integrity of the affected cryptographic operations.
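As an added illustration of the bug class the description names (constructed for this page; not wolfSSL's code and not the actual defect in the affected versions), the C below shows a block-wise constant-time compare whose loop bound skips the final 32-byte block of a 1568-byte ciphertext, the corrected compare that covers every byte, and a regression check that flips each byte in turn and counts the positions a comparator misses.

```c
#include <stdint.h>
#include <string.h>

#define CT_BYTES 1568   /* ML-KEM-1024 ciphertext length, from the advisory */
#define CHUNK    32     /* one 256-bit (AVX2-width) block, emulated with scalar code */

/* Constant-time compare accumulating XOR differences per 32-byte block.
 * Returns 0 when equal, 1 otherwise. Constructed to show the bug class:
 * "i + CHUNK < len" stops one block early, so the final 32 bytes of a
 * 1568-byte buffer (exactly 49 blocks) are never compared. */
static int ct_compare_truncated(const uint8_t *a, const uint8_t *b, size_t len)
{
    uint32_t diff = 0;
    for (size_t i = 0; i + CHUNK < len; i += CHUNK)      /* BUG: drops last block */
        for (size_t j = 0; j < CHUNK; j++)
            diff |= (uint32_t)(a[i + j] ^ b[i + j]);
    return (int)((diff | (0u - diff)) >> 31);           /* 1 iff diff != 0, branch-free */
}

/* Corrected form: full blocks with "<=", then a byte tail so any length is covered. */
static int ct_compare_full(const uint8_t *a, const uint8_t *b, size_t len)
{
    uint32_t diff = 0;
    size_t i = 0;
    for (; i + CHUNK <= len; i += CHUNK)
        for (size_t j = 0; j < CHUNK; j++)
            diff |= (uint32_t)(a[i + j] ^ b[i + j]);
    for (; i < len; i++)
        diff |= (uint32_t)(a[i] ^ b[i]);
    return (int)((diff | (0u - diff)) >> 31);
}

/* Regression check for a test suite: flip each byte of a constructed
 * ciphertext in turn and count the positions where the comparator still
 * reports equality. A correct comparator returns 0; the truncated one returns 32. */
static size_t count_uncovered_bytes(int (*cmp)(const uint8_t *, const uint8_t *, size_t))
{
    static uint8_t ct[CT_BYTES], tampered[CT_BYTES];
    size_t missed = 0;
    for (size_t i = 0; i < CT_BYTES; i++)
        ct[i] = (uint8_t)(i * 31u + 7u);                  /* constructed sample ciphertext */
    for (size_t pos = 0; pos < CT_BYTES; pos++) {
        memcpy(tampered, ct, CT_BYTES);
        tampered[pos] ^= 0x01;
        if (cmp(ct, tampered, CT_BYTES) == 0)             /* mismatch went unnoticed */
            missed++;
    }
    return missed;
}
```

The same per-byte sweep applies to any fixed-width SIMD comparator, and the count it returns is the number of ciphertext bytes an attacker could alter without triggering implicit rejection.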

Affected Version(s)

wolfSSL 5.7.0 through 5.9.1 (inclusive)

CVSS V4

Score: 6.3
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: None
Attack Vector: Network
Attack Complexity: High
Attack Requirements: Physical
Privileges Required: Undefined
User Interaction: None

Credit

007bsd