wolfSSL · wolfSSL · CVE-2026-2645
**Name of the Vulnerable Software and Affected Versions**
wolfSSL versions prior to 5.8.4
**Description**
A flaw in the TLS 1.2 server state machine implementation allowed the server to incorrectly accept the CertificateVerify message before the ClientKeyExchange message had been received. This issue affects versions prior to 5.8.4. Version 5.8.4 detects the issue later in the handshake, and 5.9.0 further hardens the process to catch the issue earlier.
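The ordering rule behind this description, as an added example (not wolfSSL's code and not part of the advisory): a minimal C checker for the client's handshake messages in one full TLS 1.2 handshake, using the HandshakeType values from RFC 5246. The function name, result codes and sample sequence are assumptions made for illustration; ChangeCipherSpec is omitted because it is not a handshake message.

```c
#include <stddef.h>
#include <stdint.h>

/* TLS 1.2 HandshakeType values (RFC 5246, section 7.4) */
enum { HS_CLIENT_HELLO = 1, HS_CERTIFICATE = 11, HS_CERTIFICATE_VERIFY = 15,
       HS_CLIENT_KEY_EXCHANGE = 16, HS_FINISHED = 20 };

/* Hypothetical result codes for this example (not wolfSSL error codes) */
enum { ORDER_OK = 0, ORDER_VIOLATION = -1, ORDER_INCOMPLETE = -2 };

/* Which client message the server accepted last */
enum state { ST_START, ST_HELLO, ST_CERT, ST_KEX, ST_VERIFY, ST_DONE };

/* msgs[] holds only the client's handshake types, in arrival order. */
int check_client_order(const uint8_t *msgs, size_t n)
{
    enum state st = ST_START;
    int sent_cert = 0;
    for (size_t i = 0; i < n; i++) {
        switch (msgs[i]) {
        case HS_CLIENT_HELLO:
            if (st != ST_START) return ORDER_VIOLATION;
            st = ST_HELLO; break;
        case HS_CERTIFICATE:
            if (st != ST_HELLO) return ORDER_VIOLATION;
            st = ST_CERT; sent_cert = 1; break;
        case HS_CLIENT_KEY_EXCHANGE:
            if (st != ST_HELLO && st != ST_CERT) return ORDER_VIOLATION;
            st = ST_KEX; break;
        case HS_CERTIFICATE_VERIFY:
            /* Valid only directly after ClientKeyExchange, and only if the
             * client sent a Certificate message earlier. */
            if (st != ST_KEX || !sent_cert) return ORDER_VIOLATION;
            st = ST_VERIFY; break;
        case HS_FINISHED:
            if (st != ST_KEX && st != ST_VERIFY) return ORDER_VIOLATION;
            st = ST_DONE; break;
        default:
            return ORDER_VIOLATION;
        }
    }
    return st == ST_DONE ? ORDER_OK : ORDER_INCOMPLETE;
}

int main(void)
{
    /* Constructed sample: CertificateVerify arrives before ClientKeyExchange */
    const uint8_t bad[] = { HS_CLIENT_HELLO, HS_CERTIFICATE, HS_CERTIFICATE_VERIFY,
                            HS_CLIENT_KEY_EXCHANGE, HS_FINISHED };
    return check_client_order(bad, sizeof bad) == ORDER_VIOLATION ? 0 : 1;
}
```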
**Recommendations**
Update to wolfSSL version 5.8.4 or later.