Input validation error in wolfSSL - CVE-2026-10098
Published: July 1, 2026
wolfSSL
Detailed vulnerability description
The vulnerability allows a remote attacker to falsify certificate revocation status.
The vulnerability exists due to improper input validation in wolfSSL_OCSP_resp_find_status when matching CertID serial numbers. A remote attacker can supply a crafted OCSP response with a same-issuer serial prefix to falsify certificate revocation status.
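The following is an added example, not code from wolfSSL or from this advisory: a simplified C model of CertID matching that contrasts a prefix-tolerant serial comparison with an exact-length one. The advisory does not show the affected code, so the flawed comparator, the structures and every name here (cert_id, single_resp, find_status, lookup) are assumptions, and the sample data is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Simplified CertID and SingleResponse (constructed model, not wolfSSL types). */
typedef struct {
    unsigned char name_hash[20], key_hash[20];   /* issuer identity */
    const unsigned char *serial;
    size_t serial_len;
} cert_id;
typedef struct { cert_id id; int status; } single_resp;  /* 0 good, 1 revoked */
typedef int (*serial_cmp)(const cert_id *want, const cert_id *have);

/* Flawed (assumed bug class): compares only the bytes the response entry has. */
static int serial_prefix(const cert_id *want, const cert_id *have) {
    return have->serial_len <= want->serial_len &&
           memcmp(want->serial, have->serial, have->serial_len) == 0;
}

/* Strict: serial lengths must be equal before the bytes are compared. */
static int serial_exact(const cert_id *want, const cert_id *have) {
    return want->serial_len == have->serial_len &&
           memcmp(want->serial, have->serial, want->serial_len) == 0;
}

/* Status of the first entry whose CertID matches, or -1 when none does. */
static int find_status(const single_resp *r, size_t n, const cert_id *want, serial_cmp cmp) {
    for (size_t i = 0; i < n; i++)
        if (!memcmp(want->name_hash, r[i].id.name_hash, 20) &&
            !memcmp(want->key_hash, r[i].id.key_hash, 20) && cmp(want, &r[i].id))
            return r[i].status;
    return -1;
}

/* Constructed data: the checked serial is 01 02 03 04; the response only
 * carries a "good" entry for serial 01 02 under the same issuer hashes. */
static const unsigned char checked_serial[] = {1, 2, 3, 4}, entry_serial[] = {1, 2};

static int lookup(serial_cmp cmp) {
    cert_id want = {{0xAA}, {0xBB}, checked_serial, sizeof checked_serial};
    single_resp resp[] = {{{{0xAA}, {0xBB}, entry_serial, sizeof entry_serial}, 0}};
    return find_status(resp, 1, &want, cmp);
}

int main(void) {
    printf("prefix compare: %d, exact compare: %d\n",
           lookup(serial_prefix), lookup(serial_exact));
    return 0;
}
```

With the exact-length comparison the lookup finds no entry for the checked certificate, so the caller has no status to trust instead of one that belongs to a different serial.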