Platform
c
Component
wolfssl
Fixed in
5.11.0
CVE-2026-5477 describes an Integer Overflow vulnerability discovered in wolfSSL, a widely used cryptographic library. This flaw allows attackers to forge CMAC tags, potentially compromising the integrity of data protected by CMAC. The vulnerability affects versions 0.0.0 through 5.9.0 of wolfSSL, and a fix is available in version 5.11.0.
The core of this vulnerability lies within the wc_CmacUpdate function of the wolfCrypt CMAC implementation. Specifically, a flaw in the logic handling the totalSz variable, a 32-bit integer, allows for a state wrap-around after approximately 4 GiB of data processing. This wrap-around causes the CMAC calculation to erroneously discard the CBC-MAC chain state, leading to identical CMAC tags for messages sharing a common suffix exceeding the 4 GiB threshold. An attacker could exploit this to perform a zero-work prefix substitution forgery, effectively creating a valid-looking CMAC tag for a malicious message without needing to process the entire message. This could lead to data corruption, unauthorized access, or other security breaches depending on how CMAC is used within the affected application.
CVE-2026-5477 was publicly disclosed on 2026-04-10. As of this writing, there are no publicly available proof-of-concept exploits. The vulnerability's complexity and the need for specific message characteristics (shared suffix exceeding 4 GiB) may limit its immediate exploitability. It has not yet been added to the CISA KEV catalog. The EPSS score is pending evaluation.
Exploit Status
EPSS
0.06% (17% percentile)
CISA SSVC
The primary mitigation for CVE-2026-5477 is to upgrade to wolfSSL version 5.11.0 or later, which includes the necessary fix. If upgrading is not immediately feasible, consider implementing temporary workarounds. While a direct workaround is difficult without modifying the wolfSSL code, applications using CMAC should carefully review their data handling practices to minimize the risk of messages exceeding the 4 GiB threshold. Monitoring CMAC usage patterns and implementing input validation to limit message sizes could provide some level of protection. After upgrading, confirm the fix by generating CMAC tags for messages exceeding 4 GiB and verifying that the tags are unique and not susceptible to forgery.
Update to version 5.11.0 or later of wolfSSL to mitigate the vulnerability. The update corrects the integer overflow in the CMAC implementation, preventing CMAC tag forgery and ensuring data integrity.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-5477 is an Integer Overflow vulnerability in wolfSSL versions 0.0.0–5.9.0. It allows attackers to forge CMAC tags by exploiting a state wrap-around in the CMAC calculation.
If you are using wolfSSL versions 0.0.0 through 5.9.0, you are potentially affected by this vulnerability. Assess your CMAC usage and upgrade as soon as possible.
The recommended fix is to upgrade to wolfSSL version 5.11.0 or later. This version includes a patch that addresses the integer overflow vulnerability.
As of now, there are no publicly known active exploits for CVE-2026-5477. However, the vulnerability's potential impact warrants immediate attention and mitigation.
Refer to the official wolfSSL security advisory for detailed information and updates regarding CVE-2026-5477: [https://www.wolfssl.com/](https://www.wolfssl.com/)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.