Nonce Reuse Vulnerability in wolfSSL's ARIA-GCM Cipher Suites
CVE-2026-5446

CVSS v4 score: 6 (MEDIUM)

Key Information:

Vendor: wolfSSL
Status: Vendor
CVE Published: 9 April 2026

What is CVE-2026-5446?

CVE-2026-5446 is a nonce-reuse flaw in wolfSSL: the same 12-byte GCM nonce is used for every application-data record in the ARIA-GCM cipher suites under TLS 1.2 and DTLS 1.2. The wc_AriaEncrypt function is stateless and passes the caller-supplied IV straight through to the MagicCrypto SDK without keeping an internal counter, so nothing advances the nonce between records. The explicit IV is set to zero at session setup and, in non-FIPS builds, never changes afterwards, so all records are encrypted under the same key and nonce. The issue is confined to builds configured with the --enable-aria option (used for compliance with Korean regulations); AES-GCM is unaffected because it maintains an independent invocation counter.
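As an added illustration (not wolfSSL's or MagicCrypto's code), the Python below models the TLS 1.2 GCM record nonce described above, placing the stateless zero-IV behaviour beside a counter-based one, plus a defender-side check that flags repeated explicit nonces in a captured record stream. It assumes the RFC 5288 salt/explicit split (4 + 8 bytes) also applies to the ARIA-GCM suites; the class and function names are hypothetical.

```python
"""Constructed model (not wolfSSL code) of the TLS 1.2 GCM record nonce, assumed
to follow RFC 5288: 4-byte implicit salt || 8-byte explicit nonce = 12 bytes."""
from __future__ import annotations

IMPLICIT_LEN, EXPLICIT_LEN = 4, 8
GCM_NONCE_LEN = IMPLICIT_LEN + EXPLICIT_LEN  # the 12-byte nonce in the advisory


class StatelessRecordLayer:
    """Weak behaviour from the advisory: the explicit IV is zeroed at session
    setup and passed to the cipher unchanged, so every record shares one nonce."""

    def __init__(self, implicit_salt: bytes) -> None:
        self.salt = implicit_salt
        self.explicit_iv = bytes(EXPLICIT_LEN)  # all zero, never advanced

    def next_nonce(self) -> bytes:
        return self.salt + self.explicit_iv


class CountedRecordLayer:
    """Mitigated behaviour (hypothetical design): a 64-bit invocation counter
    forms the explicit part, so each record under one key gets a fresh nonce."""

    def __init__(self, implicit_salt: bytes) -> None:
        self.salt = implicit_salt
        self.counter = 0

    def next_nonce(self) -> bytes:
        # int.to_bytes raises OverflowError at 2**64: rekey rather than wrap.
        nonce = self.salt + self.counter.to_bytes(EXPLICIT_LEN, "big")
        self.counter += 1
        return nonce


def find_nonce_reuse(nonces: list[bytes]) -> list[tuple[int, int]]:
    """Defender-side audit of the explicit nonces seen in one direction of one
    session: (first_index, repeat_index) for each repeat.  Any hit means two GCM
    records were sealed under the same key and nonce."""
    first_seen: dict[bytes, int] = {}
    reuse: list[tuple[int, int]] = []
    for idx, nonce in enumerate(nonces):
        if nonce in first_seen:
            reuse.append((first_seen[nonce], idx))
        else:
            first_seen[nonce] = idx
    return reuse


def record_nonces(layer, count: int) -> list[bytes]:
    """Nonces a record layer emits for `count` consecutive records."""
    return [layer.next_nonce() for _ in range(count)]
```

Feeding the explicit nonces of a captured session into find_nonce_reuse gives a simple pass/fail check for this class of bug; a counter-based layer must also rekey before its counter wraps.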

Affected Version(s)

wolfSSL 5.2.1 up to, but not including, 5.9.1

CVSS V4

Score: 6
Severity: MEDIUM
Confidentiality: High
Integrity: Low
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published (9 April 2026)
  • Vulnerability reserved

Credit

Calif.io, in collaboration with Claude and Anthropic Research.