Back to search
CVE-2026-5466
Published: Apr 10, 2026
Modified: Apr 22, 2026
PUBLISHED
Description
wolfSSL's ECCSI signature verifier `wc_VerifyEccsiHash` decodes the `r` and `s` scalars from the signature blob via `mp_read_unsigned_bin` with no check that they lie in `[1, q-1]`. A crafted forged signature could verify against any message for any identity, using only publicly-known constants.
| Vendor | Product | Versions |
|---|---|---|
wolfSSL | wolfSSL | affected 0 - < 5.9.1 |
Weaknesses (CWE)
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now