PT-2025-30103 · Wolfssl+1 · Wolfssl+1

Allan Delautre +2 · Published 2025-07-18 · Updated 2026-01-21 · CVE-2025-7396

CVSS v4.0: 5.6 (Medium)

Vector: AV:P/AC:H/AT:P/PR:L/UI:A/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions: wolfSSL version 5.8.2

Description: In wolfSSL release 5.8.2, blinding support is enabled by default for Curve25519 in applicable builds. This feature provides an additional layer of protection against side-channel attacks aimed at extracting a private key, particularly for devices susceptible to physical access or observation. The blinding configure option applies only to the base C implementation of Curve25519 and is not available with ARM assembly builds, Intel assembly builds, or the small Curve25519 feature.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

CVE-2025-7396

Affected Products

Debian
Wolfssl