Cyber Resilience

CVE-2026-5194

Critical

Published: 09 April 2026

Modified: 23 May 2026
CVSS Score v4: 9.3
CVSS v4 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red
EPSS Score: 0.0047 (37.2th percentile)
Risk Priority: 70 (floored blend · peak EPSS)

Summary

CVE-2026-5194 is a critical-severity Improper Certificate Validation (CWE-295) vulnerability in wolfSSL. Its CVSS base score is 9.3 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 37.2th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Other Platforms; in the Protocol-Specific Risks risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SC-17 (Public Key Infrastructure Certificates) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-5194 is a vulnerability in the wolfSSL cryptographic library stemming from missing hash/digest size and OID checks in ECDSA signature verification functions. These omissions allow digests smaller than permitted or appropriate for the relevant key type to be accepted during ECDSA certificate verification. The flaw reduces the security of ECDSA certificate-based authentication if the public CA key is known and specifically affects ECDSA/ECC verification when EdDSA or ML-DSA is also enabled. It is classified under CWE-295 with a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).

Remote attackers require no privileges or user interaction to exploit this over the network with low complexity. Exploitation weakens ECDSA signature validation, potentially enabling attackers to bypass authentication mechanisms in affected systems using wolfSSL for certificate verification, leading to high impacts on confidentiality and integrity.

A pull request addressing the issue is available at https://github.com/wolfSSL/wolfssl/pull/10131, which security practitioners should review and apply to mitigate the vulnerability.
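
The two checks the description says were missing, a digest length that matches the hash named by the signature OID and a digest that is not too short for the key, can be written as a gate that runs before ECDSA verification. This is an added illustration, not wolfSSL's code or the code in the pull request; the `hash_id` enum, the function names and the minimum-length policy (digest at least as long as the curve field, capped at 64 bytes) are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical identifiers standing in for the hash named by the signature OID. */
typedef enum { H_SHA1, H_SHA224, H_SHA256, H_SHA384, H_SHA512, H_UNKNOWN } hash_id;
typedef enum { CHECK_OK = 0, ERR_BAD_OID, ERR_LEN_MISMATCH, ERR_TOO_WEAK } check_rc;

/* Output length in bytes of each known hash; 0 means "not a recognised OID". */
static size_t hash_output_len(hash_id h) {
    switch (h) {
    case H_SHA1:   return 20;
    case H_SHA224: return 28;
    case H_SHA256: return 32;
    case H_SHA384: return 48;
    case H_SHA512: return 64;
    default:       return 0;
    }
}

/* Assumed policy: the digest must cover the curve field size, capped at 64
 * bytes because that is the longest hash output in the table above. */
static size_t min_digest_for_curve(size_t curve_bits) {
    size_t bytes = (curve_bits + 7) / 8;
    return bytes > 64 ? 64 : bytes;
}

/* Run before signature verification; reject instead of truncating or padding. */
check_rc ecdsa_digest_precheck(hash_id oid_hash, size_t digest_len, size_t curve_bits) {
    size_t expected = hash_output_len(oid_hash);
    if (expected == 0)          return ERR_BAD_OID;       /* OID check */
    if (digest_len != expected) return ERR_LEN_MISMATCH;  /* size vs. OID */
    if (digest_len < min_digest_for_curve(curve_bits))
        return ERR_TOO_WEAK;                              /* size vs. key type */
    return CHECK_OK;
}

int main(void) {
    /* Constructed inputs: (hash from OID, digest length, curve size in bits). */
    printf("P-256 + SHA-256/32 -> %d\n", ecdsa_digest_precheck(H_SHA256, 32, 256));
    printf("P-256 + SHA-256/20 -> %d\n", ecdsa_digest_precheck(H_SHA256, 20, 256));
    printf("P-384 + SHA-1/20   -> %d\n", ecdsa_digest_precheck(H_SHA1, 20, 384));
    printf("unknown OID        -> %d\n", ecdsa_digest_precheck(H_UNKNOWN, 32, 256));
    return 0;
}
```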

Vulnerability details

Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication if the public CA key used is also known. This affects ECDSA/ECC verification when EdDSA or ML-DSA is also enabled.

AI Security Analysis

AI Category: Other Platforms
Risk Domain: Protocol-Specific Risks
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: ml

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability enables remote network exploitation (AV:N) with no privileges or user interaction to bypass ECDSA certificate-based authentication due to missing digest/OID checks in wolfSSL, directly facilitating initial access via exploitation of public-facing applications.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-5501 (same product: wolfSSL)
CVE-2026-55960 (same product: wolfSSL)
CVE-2026-7532 (same product: wolfSSL)
CVE-2026-55964 (same product: wolfSSL)
CVE-2026-6091 (same product: wolfSSL)
CVE-2026-6679 (same product: wolfSSL)
CVE-2026-11703 (same product: wolfSSL)
CVE-2026-10592 (same product: wolfSSL)
CVE-2026-6678 (same product: wolfSSL)
CVE-2022-25638 (same product: wolfSSL)

Affected Assets

wolfssl wolfssl, versions 3.12.0 to 5.9.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

prevent: Directly mitigates the vulnerability by requiring timely remediation of the specific flaw in wolfSSL's ECDSA signature verification through patching.

prevent: Requires establishment and validation of PKI certificates, directly addressing weaknesses in ECDSA certificate signature verification.

prevent: Mandates secure implementation of cryptographic operations, including proper signature verification to prevent acceptance of invalid digests.

Hardening callouts (derived)

Configuration rules from DISA STIG baselines that reduce the attack surface for weaknesses of the type cited by this CVE. Derived transitively via CVE→CWE→STIG over `controls_xwalks` (authoritative rows only).

Oracle Linux 8 (3 rules)
  • V-248531 OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. via CWE-295
  • V-248574 YUM must be configured to prevent the installation of patches, service packs, device drivers, or OL 8 system components that have not been digitally signed using a certificate that is recognized and approved by the organization. via CWE-295
  • V-248575 OL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-295
RHEL 7 (2 rules)
  • V-204447 The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-295
  • V-204448 The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-295
RHEL 8 (2 rules)
  • V-230264 RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-295
  • V-230265 RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-295
