Back

Critical Vulnerability in wolfSSL Affects 5 Billion Devices

Severity: High (Score: 72.9)

Sources: Scworld, access.redhat.com, www.wolfssl.com, Cybernews, Heise.De

Summary

A critical vulnerability (CVE-2026-5194) in the wolfSSL library, which handles TLS encryption for over 5 billion devices, allows attackers to forge digital signatures, potentially compromising certificate-based authentication. The flaw arises from missing checks for hash/digest sizes and Object Identifiers (OIDs), enabling the acceptance of weak digests during signature verification. This vulnerability impacts multiple signature algorithms, including ECDSA, DSA, and EdDSA. An emergency patch was released in wolfSSL version 5.9.1 on April 8, 2026, to address this issue. Security experts warn that outdated devices may remain vulnerable as many manufacturers may not issue updates. The flaw has been rated as critical, with a severity score of 9.3 to 10.0, indicating a high risk of exploitation. Organizations using wolfSSL are urged to apply the patch immediately to mitigate risks. Key Points: • CVE-2026-5194 allows forgery of digital signatures in wolfSSL, affecting 5 billion devices. • The vulnerability stems from inadequate checks on hash/digest sizes and OIDs during verification. • An emergency patch (version 5.9.1) was released on April 8, 2026, but many devices may remain unpatched.

Key Entities

  • Zero-day Exploit (attack_type)
  • Red Hat (company)
  • WolfSSL (platform)
  • Linux (platform)
  • CVE-2023-6935 (cve)
  • CVE-2023-6936 (cve)
  • CVE-2023-6937 (cve)
  • CVE-2024-0901 (cve)
  • CVE-2024-1544 (cve)
  • calif.io (domain)
  • Openssl (tool)
  • WolfSSL Vulnerability (vulnerability)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed