Ciphertext Comparison Flaw in WolfSSL's ML-KEM for ARM64 Architecture
CVE-2026-6330
6.3 MEDIUM
What is CVE-2026-6330?
A vulnerability in wolfSSL's ML-KEM implementation for the ARM64 architecture stems from an improper ciphertext comparison during decapsulation. In ML-KEM, the decapsulator decrypts the received ciphertext, re-encrypts the recovered message, and compares the re-encrypted ciphertext against the received one; the Fujisaki-Okamoto (FO) transform relies on this comparison covering the entire ciphertext so that any tampering triggers implicit rejection (the shared secret is replaced by a pseudorandom value derived from the secret rejection seed and the received ciphertext). On ARM64, the comparison only examines half of the re-encrypted ciphertext. A malicious actor can therefore modify bytes in the unchecked half without detection, bypassing the implicit rejection that the FO transform requires for IND-CCA2 security and potentially jeopardizing the confidentiality and integrity of the derived shared secret.
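The following C program is an added example, not wolfSSL's code, that models the FO check described above using ML-KEM-768 sizes (1088-byte ciphertext, 32-byte shared secret per FIPS 203). It places a constant-time full-length comparison beside a flawed variant that checks only half of the ciphertext, then runs the constant-time key selection on constructed inputs. Two things are assumptions of the example: the flawed variant skips the second half (the advisory does not say which half the affected ARM64 code skipped), and the implicit-rejection key is produced by a toy non-cryptographic mixer standing in for SHAKE256(z || c), so that the program runs offline.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* ML-KEM-768 sizes from FIPS 203: 1088-byte ciphertext, 32-byte shared secret. */
#define CT_BYTES 1088
#define SS_BYTES 32

/* Constant-time comparison over all `len` bytes. Returns 1 if any byte
 * differs, 0 if they all match. No early exit, no data-dependent branch. */
static int ct_compare(const uint8_t *a, const uint8_t *b, size_t len)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < len; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    /* (0 - diff) has its top bit set exactly when diff != 0 */
    return (int)((0u - (uint32_t)diff) >> 31);
}

/* Models the reported flaw: only half of the ciphertext is compared.
 * Assumption for this example: the first half is checked and the second
 * half is skipped; the advisory does not say which half the code missed. */
static int ct_compare_half_flawed(const uint8_t *a, const uint8_t *b, size_t len)
{
    return ct_compare(a, b, len / 2);
}

/* Constant-time select: out = reject ? kbar : k, with no branch on `reject`. */
static void ct_select(uint8_t *out, const uint8_t *k, const uint8_t *kbar,
                      int reject, size_t len)
{
    uint8_t mask = (uint8_t)(0u - (uint8_t)(reject & 1));   /* 0x00 or 0xFF */
    for (size_t i = 0; i < len; i++)
        out[i] = (uint8_t)(k[i] ^ (mask & (k[i] ^ kbar[i])));
}

/* Stand-in for J(z || c) = SHAKE256(z || c, 32) from FIPS 203. This is a
 * constructed, NON-cryptographic FNV-1a style mixer used only so the example
 * runs stand-alone; a real implementation must use SHAKE256. */
static void toy_implicit_rejection_key(const uint8_t *z, const uint8_t *c,
                                       size_t clen, uint8_t *kbar)
{
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < SS_BYTES; i++) { h ^= z[i]; h *= 0x100000001b3ULL; }
    for (size_t i = 0; i < clen; i++)      { h ^= c[i]; h *= 0x100000001b3ULL; }
    for (size_t i = 0; i < SS_BYTES; i++) {
        h ^= (uint64_t)i; h *= 0x100000001b3ULL;
        kbar[i] = (uint8_t)(h >> 56);
    }
}

/* The FO check at the end of ML-KEM decapsulation: compare the received
 * ciphertext against the re-encrypted one, then select K on a match or the
 * implicit-rejection key on a mismatch, all in constant time.
 * Returns 1 if the ciphertext was rejected, 0 if it was accepted. */
static int fo_check(const uint8_t *c_received, const uint8_t *c_reencrypted,
                    const uint8_t *k, const uint8_t *z, uint8_t *ss_out,
                    int use_flawed_compare)
{
    uint8_t kbar[SS_BYTES];
    toy_implicit_rejection_key(z, c_received, CT_BYTES, kbar);
    int reject = use_flawed_compare
        ? ct_compare_half_flawed(c_received, c_reencrypted, CT_BYTES)
        : ct_compare(c_received, c_reencrypted, CT_BYTES);
    ct_select(ss_out, k, kbar, reject, SS_BYTES);
    return reject;
}

/* Demo driver on constructed inputs: an honest re-encrypted ciphertext c',
 * the shared secret K the decryptor derived, and the rejection seed z. If
 * tamper_index < CT_BYTES, that byte of the received ciphertext is flipped
 * (modelling an attacker change the decryption step does not notice).
 * ss_out may be NULL. Returns 1 on rejection, 0 on acceptance. */
int demo_decaps(size_t tamper_index, int use_flawed_compare, uint8_t *ss_out)
{
    uint8_t c_reenc[CT_BYTES], c_recv[CT_BYTES], k[SS_BYTES], z[SS_BYTES], local[SS_BYTES];
    if (ss_out == NULL) ss_out = local;
    for (size_t i = 0; i < CT_BYTES; i++) c_reenc[i] = (uint8_t)(i * 31 + 7);
    memset(k, 0x4B, SS_BYTES);   /* constructed "good" shared secret K */
    memset(z, 0x5A, SS_BYTES);   /* constructed implicit-rejection seed z */
    memcpy(c_recv, c_reenc, CT_BYTES);
    if (tamper_index < CT_BYTES)
        c_recv[tamper_index] ^= 0x01;
    return fo_check(c_recv, c_reenc, k, z, ss_out, use_flawed_compare);
}

/* Returns 1 if decapsulation handed back the real K for these inputs. */
int demo_returns_real_key(size_t tamper_index, int use_flawed_compare)
{
    uint8_t ss[SS_BYTES], k[SS_BYTES];
    memset(k, 0x4B, SS_BYTES);
    demo_decaps(tamper_index, use_flawed_compare, ss);
    return memcmp(ss, k, SS_BYTES) == 0;
}

int main(void)
{
    printf("untampered, full compare:         reject=%d\n", demo_decaps(CT_BYTES, 0, NULL));
    printf("byte 1000 flipped, full compare:  reject=%d\n", demo_decaps(1000, 0, NULL));
    printf("byte 1000 flipped, half compare:  reject=%d  <- the flaw\n", demo_decaps(1000, 1, NULL));
    printf("byte 10 flipped, half compare:    reject=%d\n", demo_decaps(10, 1, NULL));
    return 0;
}
```

The point to check in any ML-KEM implementation is that the comparison length passed to the constant-time compare equals the full ciphertext length for the parameter set in use, and that the result feeds a constant-time select rather than a branch; with the half-length compare, a byte flipped anywhere in the unchecked half yields the real shared secret instead of the implicit-rejection key.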
Affected Version(s)
wolfSSL >= 5.7.4 and <= 5.9.1
