Improper Verification of Cryptographic Signature in wolfSSL - CVE-2026-6330
Published: July 1, 2026
wolfSSL
Detailed vulnerability description
The vulnerability allows a remote attacker to weaken ciphertext integrity protections.
The vulnerability exists due to improper authentication in the ML-KEM ARM64 NEON ciphertext comparison path when comparing ciphertext input. A remote attacker can supply crafted ciphertext to weaken ciphertext integrity protections.
The issue only affects the ARM64 NEON code path.