CVE-2026-5501
Published: April 10, 2026
Updated: April 22, 2026
wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints "CA:FALSE" that is legitimately signed by a trusted root. An attacker who obtains any leaf certificate from a trusted CA (e.g. a free DV cert from Let's Encrypt) can forge a certificate for any subject name with any public key and arbitrary signature bytes, and the function returns "WOLFSSL_SUCCESS" / "X509_V_OK". The native wolfSSL TLS handshake path ("ProcessPeerCerts") is not susceptible and the issue is limited to applications using the OpenSSL compatibility API directly, which would include integrations of wolfSSL into nginx and haproxy.
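The two checks the description says the compat-layer verifier skipped, shown as an added example that is not wolfSSL's or this advisory's code: a strict path walk written with the Python cryptography package over constructed test certificates. It refuses a CA:FALSE certificate used as an intermediate and a leaf whose signature does not verify under its named issuer; the names (Trusted Root, legit.example, victim.example) are made up.

```python
import datetime
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID
def _name(cn): return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])
def make_cert(cn, issuer, signing_key, ca):
    # Constructed test cert, not a real CA; issuer=None means self-signed root.
    key = ec.generate_private_key(ec.SECP256R1())
    start = datetime.datetime(2026, 1, 1, tzinfo=datetime.timezone.utc)
    cert = (x509.CertificateBuilder().subject_name(_name(cn))
            .issuer_name(issuer.subject if issuer else _name(cn))
            .public_key(key.public_key()).serial_number(x509.random_serial_number())
            .not_valid_before(start).not_valid_after(start + datetime.timedelta(days=30))
            .add_extension(x509.BasicConstraints(ca=ca, path_length=None), critical=True)
            .sign(signing_key or key, hashes.SHA256()))
    return cert, key
def is_ca(cert):
    try:  # a cert without Basic Constraints is never accepted as an issuer either
        return cert.extensions.get_extension_for_class(x509.BasicConstraints).value.ca
    except x509.ExtensionNotFound:
        return False
def signed_by(cert, issuer):
    try:  # verify the child's TBS bytes under the issuer's public key
        issuer.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                   ec.ECDSA(cert.signature_hash_algorithm))
        return True
    except InvalidSignature:
        return False
def verify_chain(leaf, untrusted, roots):
    # Every hop leaf -> ... -> root needs a CA:TRUE issuer whose key verifies the child.
    pool = {c.subject.rfc4514_string(): c for c in untrusted + roots}
    trusted = {c.subject.rfc4514_string() for c in roots}
    cur = leaf
    for _ in range(10):  # bounds path length and stops issuer loops
        issuer = pool.get(cur.issuer.rfc4514_string())
        if issuer is None or not is_ca(issuer) or not signed_by(cur, issuer):
            return False
        if issuer.subject.rfc4514_string() in trusted:
            return True
        cur = issuer
    return False
def demo():
    root, root_key = make_cert("Trusted Root", None, None, ca=True)
    legit, legit_key = make_cert("legit.example", root, root_key, ca=False)  # genuine DV-style leaf
    forged, _ = make_cert("victim.example", legit, legit_key, ca=False)  # CA:FALSE cert as "intermediate"
    bogus, _ = make_cert("victim.example", root, ec.generate_private_key(ec.SECP256R1()), ca=False)
    return {"legit": verify_chain(legit, [], [root]),
            "ca_false_intermediate": verify_chain(forged, [legit], [root]),
            "bad_signature": verify_chain(bogus, [], [root])}
```

Only the first case returns True; the other two are exactly the shapes the description says the affected function accepted.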
Affected Packages
https://github.com/wolfSSL/wolfssl.git (GITHUB):
Affected version(s): >=v0.5 <v5.9.1-stable
Fix Suggestion: Update to version v5.9.1-stable
CVSS v4
Base Score: 8.6
Attack Vector: NETWORK
Attack Complexity: LOW
Attack Requirements: NONE
Privileges Required: LOW
User Interaction: NONE
Vulnerable System Confidentiality: HIGH
Vulnerable System Integrity: HIGH
Vulnerable System Availability: NONE
Subsequent System Confidentiality: NONE
Subsequent System Integrity: NONE
Subsequent System Availability: NONE
CVSS v3
Base Score: 8.1
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: NONE
Weakness Type (CWE): Improper Certificate Validation
EPSS
Base Score: 0.02