CVE-2026-5479

Summary

In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSL_EVP_CipherFinal (and related EVP cipher finalization functions) fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption, the implementation computes or accepts the tag but does not compare it against the expected value.

Affected Software

VendorProductVersion RangeStatus
wolfSSLwolfSSL0 < 5.9.1affected

Weaknesses

  • CWE-354: CWE-354 Improper Validation of Integrity Check Value

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References