Cyber Resilience

CVE-2026-5501

High

Published: 10 April 2026

Published
10 April 2026
Modified
27 April 2026
KEV Added
Patch
CVSS Score v4 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0018 8.2th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-5501 is a high-severity Improper Certificate Validation (CWE-295) vulnerability in Wolfssl Wolfssl. Its CVSS base score is 8.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 8.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-17 (Public Key Infrastructure Certificates) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-5501 is a high-severity vulnerability (CVSS 8.1, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N) in the wolfSSL_X509_verify_cert function within wolfSSL's OpenSSL compatibility layer. The flaw allows acceptance of a malformed certificate chain where the leaf certificate's signature is not verified if an attacker provides an untrusted intermediate certificate with Basic Constraints CA:FALSE that is legitimately signed by a trusted root. This issue is confined to applications directly using the OpenSSL compatibility API and does not affect wolfSSL's native TLS handshake path (ProcessPeerCerts). Affected integrations include wolfSSL embedded in nginx and haproxy.

An attacker with low privileges and network access can exploit this by obtaining a legitimate leaf certificate from a trusted CA, such as a free Domain Validation certificate from Let's Encrypt. They can then forge a certificate for any subject name, embed any public key, and include arbitrary signature bytes in the chain. When processed by wolfSSL_X509_verify_cert, the function erroneously returns WOLFSSL_SUCCESS or X509_V_OK, enabling high-impact confidentiality and integrity violations, such as impersonation or man-in-the-middle attacks in compatible applications (CWE-295: Improper Certificate Validation).

Mitigation is addressed in a patch available via the wolfSSL GitHub pull request at https://github.com/wolfSSL/wolfssl/pull/10102, which security practitioners should review and apply to affected wolfSSL versions using the OpenSSL compatibility layer.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints `CA:FALSE` that is legitimately signed by a trusted root. An attacker who…

more

obtains any leaf certificate from a trusted CA (e.g. a free DV cert from Let's Encrypt) can forge a certificate for any subject name with any public key and arbitrary signature bytes, and the function returns `WOLFSSL_SUCCESS` / `X509_V_OK`. The native wolfSSL TLS handshake path (`ProcessPeerCerts`) is not susceptible and the issue is limited to applications using the OpenSSL compatibility API directly, which would include integrations of wolfSSL into nginx and haproxy.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1557 Adversary-in-the-Middle Credential Access
Adversaries may attempt to position themselves between two or more networked devices using an adversary-in-the-middle (AiTM) technique to support follow-on behaviors such as [Network Sniffing](https://attack.
Why these techniques?

Vulnerability enables remote exploitation of public-facing apps (nginx/haproxy) via malformed cert chains (T1190) and directly facilitates MITM/impersonation by bypassing X.509 validation (T1557).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-6091Same product: Wolfssl Wolfssl
CVE-2026-55960Same product: Wolfssl Wolfssl
CVE-2026-55964Same product: Wolfssl Wolfssl
CVE-2021-3336Same product: Wolfssl Wolfssl
CVE-2022-25638Same product: Wolfssl Wolfssl
CVE-2026-5194Same product: Wolfssl Wolfssl
CVE-2022-25640Same product: Wolfssl Wolfssl
CVE-2026-7532Same product: Wolfssl Wolfssl
CVE-2026-4395Same product: Wolfssl Wolfssl
CVE-2026-11999Same product: Wolfssl Wolfssl

Affected Assets

wolfssl
wolfssl
≤ 5.9.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely identification, reporting, and patching of the specific flaw in wolfSSL_X509_verify_cert that allows forged certificate chains.

prevent

Mandates establishment and management of PKI certificates with defined validation methods to prevent acceptance of malformed chains lacking leaf signature verification.

prevent

Requires verification that security functions, including certificate chain validation in the OpenSSL compatibility layer, operate as intended to mitigate improper validation flaws.

Hardening callouts derived

Configuration rules from DISA STIG baselines that reduce the attack surface for weaknesses of the type cited by this CVE. Derived transitively via CVE→CWE→STIG over `controls_xwalks` (authoritative rows only).

Oracle Linux 8 (3 rules)
  • V-248531 OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. via CWE-295
  • V-248574 YUM must be configured to prevent the installation of patches, service packs, device drivers, or OL 8 system components that have not been digitally signed using a certificate that is recognized and approved by the organization. via CWE-295
  • V-248575 OL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-295
RHEL 7 (2 rules)
  • V-204447 The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-295
  • V-204448 The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-295
RHEL 8 (2 rules)
  • V-230264 RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-295
  • V-230265 RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. via CWE-295

References