CVE-2026-3230

Name of the Vulnerable Software and Affected Versions wolfSSL (affected versions not specified)

Description A missing cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could compromise the confidentiality of TLS-protected communications. This occurs through a crafted HelloRetryRequest followed by a ServerHello message that omits the required key share extension, leading to predictable traffic secrets derived from (EC)DHE shared secrets.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.