CVE-2026-5501
Reported by wolfSSL · Published April 10, 2026
wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints `CA:FALSE` that is legitimately signed by a trusted root. An attacker who obtains any leaf certificate from a trusted CA (e.g. a free DV cert from Let's Encrypt) can forge a certificate for any subject name with any public key and arbitrary signature bytes, and the function returns `WOLFSSL_SUCCESS` / `X509_V_OK`. The native wolfSSL TLS handshake path (`ProcessPeerCerts`) is not susceptible and the issue is limited to applications using the OpenSSL compatibility API directly, which would include integrations of wolfSSL into nginx and haproxy.
EPSS 0.02% · 6.9th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| wolfSSL | wolfSSL | 0 |
| wolfSSL | wolfSSL | 0 |
Timeline
- Apr 10, 2026 EPSS Score
- Apr 10, 2026 CVE Published
- Apr 10, 2026 PoC Published
- Apr 22, 2026 CVE Updated
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score
- May 25, 2026 EPSS Score