VDB
CVE-2026-3580
CVE-2026-3580
PUBLISHED
CVSS 2.0999999046325684 LOW
In wolfSSL 5.8.4, constant-time masking logic in sp_256_get_entry_256_9 is optimized into conditional branches (bnez) by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret keys via timing analysis.
EPSS 0.01% · 0.4th percentile
Risk Scores
CVSS v4.0
2.0999999046325684
CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
EPSS Score
0.01%
0.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| wolfssl | wolfssl | 5.8.4, 5.8.4, 5.8.4 |
| wolfSSL | wolfSSL | 0, 0, 0 |
Timeline
- Mar 19, 2026 PoC Published
- Mar 19, 2026 CVE Published
- Mar 19, 2026 CVE Updated
- Mar 20, 2026 EPSS Score
- Mar 20, 2026 Coalition ESS Score
- Mar 21, 2026 EPSS Score
- Mar 21, 2026 Coalition ESS Score
- Mar 22, 2026 EPSS Score
- Mar 23, 2026 EPSS Score
- Mar 24, 2026 EPSS Score
- Mar 25, 2026 EPSS Score
- Mar 29, 2026 Security Advisory