wolfSSL with OpenSSL compatibility accepts fake certificates from trusted CAs

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.6

wolfSSL with OpenSSL compatibility accepts fake certificates from trusted CAs

CVE-2026-5501

Summary

A vulnerability in wolfSSL's OpenSSL compatibility layer allows an attacker to create fake certificates that appear to be from a trusted CA. This could be used to impersonate a trusted website or service. If you're using wolfSSL with the OpenSSL compatibility API, update to the latest version to fix this issue.

Original title

Original description

wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints `CA:FALSE` that is legitimately signed by a trusted root. An attacker who obtains any leaf certificate from a trusted CA (e.g. a free DV cert from Let's Encrypt) can forge a certificate for any subject name with any public key and arbitrary signature bytes, and the function returns `WOLFSSL_SUCCESS` / `X509_V_OK`. The native wolfSSL TLS handshake path (`ProcessPeerCerts`) is not susceptible and the issue is limited to applications using the OpenSSL compatibility API directly, which would include integrations of wolfSSL into nginx and haproxy.

nvd CVSS4.0 8.6

Vulnerability type

CWE-295 Improper Certificate Validation

https://github.com/wolfSSL/wolfssl/pull/10102

Published: 10 Apr 2026 · Updated: 10 Apr 2026 · First seen: 10 Apr 2026