WolfSSL Product Security Update Advisory

Overview


A security update has been released to address vulnerabilities in the wolfSSL product. Affected versions are wolfSSL 5.9.1 and earlier.

Affected Vulnerabilities


  • CVE-2026-5446: ARIA-GCM nonce reuse vulnerability in wolfSSL.
  • CVE-2026-5447: Heap buffer overflow vulnerability in wolfSSL X.509 certificate handling.
  • CVE-2026-5448: Buffer overflow vulnerability in the wolfSSL OpenSSL-compatible API in the handling of the X.509 certificate date field.
  • CVE-2026-5477: A possible AES-EAX and CMAC authentication bypass vulnerability in wolfSSL.
  • CVE-2026-5479: Missing authentication tag verification vulnerability in the ChaCha20-Poly1305 decryption process in the EVP layer of wolfSSL.
  • CVE-2026-5500: AES-GCM authentication tag length under-validation vulnerability in wolfSSL PKCS7 AuthEnvelopedData processing.
  • CVE-2026-5501: Certificate chain validation bypass vulnerability in the wolfSSL OpenSSL-compatible API.
  • CVE-2026-5503: Buffer overflow vulnerability in wolfSSL TLS ECH SNI handling.

Advisory


Patches for these vulnerabilities are available in the latest update. Follow the instructions on the reference site to update to the latest patched version.