wolfSSL ChaCha20-Poly1305 Decryption Fails to Verify Authentication Tag

CVE-2026-5479
Summary

A flaw in wolfSSL's ChaCha20-Poly1305 decryption process can allow an attacker to tamper with encrypted data without being detected. This affects applications using the EVP API to decrypt data. To protect your data, update to a fixed version of wolfSSL as soon as possible.

Original title
In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSL_EVP_CipherFinal (and related EVP cipher finalization functions) fails to verify the authentication tag before returning...
Original description
In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSL_EVP_CipherFinal (and related EVP cipher finalization functions) fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption, the implementation computes or accepts the tag but does not compare it against the expected value.
NVD CVSS 4.0: 7.6
Vulnerability type
CWE-354
Published: 10 Apr 2026 · Updated: 10 Apr 2026 · First seen: 10 Apr 2026