Platform: c
Component: wolfssl
Fixed in: 5.9.1
CVE-2026-5194 affects wolfSSL versions 3.12.0 through 5.9.1. This vulnerability stems from insufficient hash/digest size and OID checks during ECDSA certificate verification, potentially allowing smaller-than-expected digests to be accepted. Successful exploitation could compromise certificate-based authentication, particularly if the public CA key is also compromised. Upgrade to version 5.9.1 to address this issue.
The core impact of CVE-2026-5194 lies in the weakening of ECDSA certificate validation. An attacker who possesses or can obtain the public CA key used for signing certificates could craft a malicious certificate with a smaller-than-expected digest. When wolfSSL incorrectly accepts this undersized digest as valid, it bypasses the intended security checks. This allows the attacker to impersonate legitimate entities and potentially gain unauthorized access to systems relying on certificate-based authentication. The blast radius extends to any system using wolfSSL for ECDSA certificate verification, especially those relying on a single, potentially compromised CA. While the vulnerability requires knowledge of the CA key, the potential for widespread impact exists if that key is exposed or compromised.
CVE-2026-5194 was publicly disclosed on 2026-04-09. There is no indication of active exploitation or KEV listing at the time of writing. Public proof-of-concept code is currently unavailable, but the vulnerability's nature suggests that it could be relatively straightforward to exploit given access to the CA key. Monitor security advisories and threat intelligence feeds for any signs of exploitation.
Exploit Status
EPSS: 0.04% (10% percentile)
CISA SSVC
The primary mitigation for CVE-2026-5194 is upgrading to wolfSSL version 5.9.1 or later, which includes the necessary fixes for the digest size and OID checks. If an immediate upgrade is not feasible, consider implementing stricter certificate validation policies at the application level to reject certificates with unusually small digest sizes. While not a complete solution, this can provide an additional layer of defense. Monitor wolfSSL logs for any unusual certificate validation errors or warnings. After upgrading, confirm the fix by attempting to verify a certificate with a deliberately undersized digest – it should be rejected.
Update to version 5.9.1 or later to mitigate the vulnerability. This update corrects the missing hash/digest size and OID checks, preventing the acceptance of ECDSA digests smaller than allowed.
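One way to express the interim application-level policy described above, as an added example (it is not wolfSSL code and not the upstream fix). The function name, result codes and the 32-byte floor are assumptions, and the caller is assumed to supply the signatureAlgorithm OID bytes and the digest length from its own certificate handling.

```c
#include <stddef.h>
#include <string.h>

/* Added example: application-level policy, not wolfSSL code. */
enum { POLICY_OK = 0, POLICY_BAD_DER = -1, POLICY_UNKNOWN_OID = -2,
       POLICY_LEN_MISMATCH = -3, POLICY_TOO_SMALL = -4 };

#define MIN_DIGEST_LEN 32u /* assumed local floor: SHA-256 output size */

typedef struct {
    unsigned char oid[8];  /* OID content bytes (no tag/length) */
    size_t oid_len;
    size_t digest_len;     /* exact hash output size in bytes */
} ecdsa_alg;

/* ecdsa-with-SHA1/224/256/384/512 under 1.2.840.10045.4 */
static const ecdsa_alg ALGS[] = {
    {{0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01},      7, 20},
    {{0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01}, 8, 28},
    {{0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02}, 8, 32},
    {{0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03}, 8, 48},
    {{0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04}, 8, 64},
};

/* der: OBJECT IDENTIFIER TLV from the certificate's signatureAlgorithm.
 * digest_len: length of the digest handed to ECDSA verification. */
int check_ecdsa_digest_policy(const unsigned char *der, size_t der_len,
                              size_t digest_len)
{
    size_t i, n;
    /* Short-form DER only: tag 0x06, one length byte, exact total size. */
    if (der == NULL || der_len < 3 || der[0] != 0x06 || der[1] >= 0x80)
        return POLICY_BAD_DER;
    n = der[1];
    if (n + 2 != der_len)
        return POLICY_BAD_DER;
    for (i = 0; i < sizeof(ALGS) / sizeof(ALGS[0]); i++) {
        if (ALGS[i].oid_len != n || memcmp(ALGS[i].oid, der + 2, n) != 0)
            continue;
        if (digest_len != ALGS[i].digest_len)
            return POLICY_LEN_MISMATCH;   /* digest does not match the OID */
        if (digest_len < MIN_DIGEST_LEN)
            return POLICY_TOO_SMALL;      /* SHA-1 / SHA-224 rejected */
        return POLICY_OK;
    }
    return POLICY_UNKNOWN_OID;            /* not an ECDSA OID we allow */
}
```

Any result other than POLICY_OK should be treated as a verification failure and logged with the certificate's subject and issuer.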
CVE-2026-5194 is a vulnerability in wolfSSL versions 3.12.0–5.9.1 that allows acceptance of undersized ECDSA certificate digests, potentially compromising certificate-based authentication.
You are affected if you are using wolfSSL versions 3.12.0 through 5.9.1 and rely on ECDSA certificate verification.
Upgrade to wolfSSL version 5.9.1 or later to remediate the vulnerability. Consider stricter certificate validation policies as an interim measure.
There is currently no indication of active exploitation, but the vulnerability's nature suggests potential for exploitation if the CA key is compromised.
Refer to the official wolfSSL security advisory for detailed information and updates: [https://www.wolfssl.com/advisories/CVE-2026-5194](https://www.wolfssl.com/advisories/CVE-2026-5194)