Home > Vulnerability Database > CVE-2025-12888

Mend.io Vulnerability Database

CVE-2025-12888

Good to know:

Date: November 21, 2025

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of X25519, which is now turned on as the default for Xtensa.

Severity Score

2.1

Related Resources (4)

Url: https://https://github.com/wolfSSL/wolfssl/pull/9275

Url: https://github.com/wolfSSL/wolfssl/pull/9275

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-12888

Url: https://www.mend.io/vulnerability-database/CVE-2025-12888

Severity Score

2.1

Weakness Type (CWE)

Observable Discrepancy

CWE-203

Top Fix

Upgrade Version

Upgrade to version https://github.com/wolfSSL/wolfssl.git - v5.8.4-stable

Learn More

CVSS v3.1

Base Score:	2.1
Attack Vector (AV):	PHYSICAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-12888

Good to know:

Date: November 21, 2025

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?