wolfSSL Security Vulnerabilities (CVEs)

Track 16 security vulnerabilities affecting wolfSSL products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

5 Critical
5 High
6 Medium
CVE-2025-12889 5.4

This TLS 1.2 vulnerability allows clients to use weaker cryptographic digests during certificate authentication than what the server requested, potent...

Nov 22, 2025
CVE-2025-11933 6.5

A vulnerability in wolfSSL's TLS 1.3 CKS extension parsing allows remote attackers to cause denial-of-service by sending crafted ClientHello messages ...

Nov 21, 2025
CVE-2025-11936 5.3

A denial-of-service vulnerability in wolfSSL v5.8.2 allows remote attackers to crash TLS 1.3 connections by sending malicious ClientHello messages wit...

Nov 21, 2025
CVE-2025-12888 7.5

This vulnerability allows attackers to extract private keys from X25519 cryptographic implementations on Xtensa-based ESP32 chips through timing side-...

Nov 21, 2025
CVE-2025-11931 8.2

An integer underflow vulnerability in wolfSSL's XChaCha20-Poly1305 decryption function allows attackers to cause out-of-bounds memory access when proc...

Nov 21, 2025
CVE-2025-11935 7.5

This TLS 1.3 vulnerability allows malicious servers to bypass perfect forward secrecy (PFS) requirements when using pre-shared keys (PSK). Clients may...

Nov 21, 2025
CVE-2025-7394 9.8

This vulnerability in wolfSSL's OpenSSL compatibility layer causes predictable random number generation after fork() operations, potentially leading t...

Jul 18, 2025
CVE-2025-7396 4.6

CVE-2025-7396 is a side-channel vulnerability in wolfSSL 5.8.2 where Curve25519 blinding is enabled by default only for C implementations, leaving ARM...

Jul 18, 2025
CVE-2024-1545 5.9

This CVE describes a fault injection vulnerability in the RsaPrivateDecryption function of wolfSSL, allowing a co-resident attacker on the same system...

Aug 29, 2024
CVE-2024-5991 7.5

CVE-2024-5991 is an out-of-bounds read vulnerability in wolfSSL's X509 certificate hostname validation. Attackers can cause the library to read beyond...

Aug 27, 2024
CVE-2024-5814 5.3

This TLS protocol vulnerability allows a malicious TLS 1.2 server to force a TLS 1.3 client with downgrade capability to use an unintended ciphersuite...

Aug 27, 2024
CVE-2023-3724 9.1

This vulnerability in wolfSSL's TLS 1.3 implementation allows an attacker to compromise TLS session encryption when a client connects to a malicious s...

Jul 17, 2023
CVE-2022-25640 7.5

This vulnerability in wolfSSL allows TLS 1.3 clients to bypass mutual authentication requirements by omitting the certificate_verify message during ha...

Feb 24, 2022
CVE-2022-23408 9.1

This vulnerability in wolfSSL allows attackers to decrypt TLS/DTLS traffic when using AES-CBC or DES3 without AEAD protection. It affects systems usin...

Jan 18, 2022
CVE-2021-37155 9.8

This vulnerability in wolfSSL allows attackers to bypass OCSP (Online Certificate Status Protocol) validation by providing mismatched serial numbers b...

Jul 21, 2021
CVE-2020-36177 9.8

This vulnerability in wolfSSL's RSA-PSS padding implementation allows an out-of-bounds write when processing certain cryptographic operations. Attacke...

Jan 6, 2021

Why Monitor wolfSSL Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 16+ known vulnerabilities affecting wolfSSL products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable wolfSSL packages in under 60 seconds. No agents are required: scanning is completely agentless and works across wolfSSL deployments.

Free vulnerability database: Access detailed information about every wolfSSL CVE, including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
