Improper Certificate Validation in wolfSSL - CVE-2026-7532
Published: July 1, 2026
wolfSSL
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass name constraints.
The vulnerability exists due to improper certificate validation in IP address name-constraint enforcement when WOLFSSL_IP_ALT_NAME is not defined. A remote attacker can present a crafted certificate to bypass name constraints.
The issue occurs only when WOLFSSL_IP_ALT_NAME is not defined.