CVE-2026-5466

Name of the Vulnerable Software and Affected Versions wolfSSL (affected versions not specified)

Description The ECCSI signature verifier wc VerifyEccsiHash in wolfSSL decodes the r and s scalars from the signature blob using mp read unsigned bin without verifying that these values fall within the expected range of [1, q-1]. This allows for the creation of a crafted, forged signature that can be successfully verified against any message for any identity, utilizing only publicly available constants.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.