Improper Verification of Cryptographic Signature in wolfSSL - CVE-2026-55961
Published: July 1, 2026
wolfSSL
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass signature verification.
The vulnerability exists due to improper authentication in wolfSSL_PKCS7_verify() when processing a degenerate PKCS#7 object with empty signerInfos. A remote attacker can supply a crafted certs-only PKCS#7 object to bypass signature verification.
Only OpenSSL compatibility builds that call the PKCS7_verify() compatibility API on potentially degenerate PKCS#7 bundles are affected.