CVE-2026-10098

EUVD-2026-39578

25.06.2026, 22:16

OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a different certificate. The lookup compared serial-number bytes without first requiring the two serial numbers to be of equal length, so a SingleResponse for one certificate (same issuer) whose serial is a prefix of the target's serial would match, returning the wrong certificate's status. The fix requires the serial lengths to be equal before comparing the serial bytes.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
wolfSSL	CNA	6.3 MEDIUM	NETWORK	LOW	NONE	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
wolfssl	wolfssl	4.6.0 ≤ 𝑥 ≤ 5.9.1	CNA

Common Weakness Enumeration

CWE-295 - Improper Certificate Validation
The software does not validate, or incorrectly validates, a certificate.

References

https://github.com/wolfSSL/wolfssl/pull/10554

https://www.wolfssl.com/docs/security-vulnerabilities/