CVE-2026-2645

MEDIUM

Acceptance of CertificateVerify Message before ClientKeyExchange in TLS 1.2

Title source: cna

Description

In wolfSSL 5.8.2 and earlier, a logic flaw existed in the TLS 1.2 server state machine implementation. The server could incorrectly accept the CertificateVerify message before the ClientKeyExchange message had been received. This issue affects wolfSSL before 5.8.4 (wolfSSL 5.8.2 and earlier is vulnerable, 5.8.4 is not vulnerable). In 5.8.4 wolfSSL would detect the issue later in the handshake. 5.9.0 was further hardened to catch the issue earlier in the handshake.

References (1)

https://github.com/wolfSSL/wolfssl/pull/9694

Scores

CVSS v4 5.5

EPSS 0.0003

EPSS Percentile 9.6%

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

Details

CWE

CWE-358

Status published

Products (1)

wolfSSL/wolfSSL < 5.8.4

Published Mar 19, 2026

Tracked Since Mar 19, 2026