Protection mechanism failure in wolfSSL - CVE-2026-6092
Published: July 1, 2026
wolfSSL
Detailed vulnerability description
The vulnerability allows a remote attacker to weaken message integrity protections.
The vulnerability exists due to improper protocol enforcement in the TLS record protection implementation when HAVE_ENCRYPT_THEN_MAC is configured. A remote attacker can trigger fallback behavior to weaken message integrity protections.
The issue occurs only when HAVE_ENCRYPT_THEN_MAC is configured.
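One way to check whether a build meets this precondition, as an added example that is not part of the advisory or of wolfSSL's own code: the Python below reports whether HAVE_ENCRYPT_THEN_MAC ends up defined in a settings header or in compiler flags. The sample header text and flag strings are constructed, the function names are hypothetical, and `#if`/`#ifdef` conditionals are not evaluated.

```python
import re

MACRO = "HAVE_ENCRYPT_THEN_MAC"

def strip_comments(text):
    # Drop /* ... */ and // comments so commented-out defines are ignored.
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)
    return re.sub(r"//[^\n]*", "", text)

def macro_state(header_text, macro=MACRO):
    """True if the last active #define/#undef for the macro is a #define."""
    defined = False
    directive = re.compile(r"^\s*#\s*(define|undef)\s+(\w+)")
    for line in strip_comments(header_text).splitlines():
        m = directive.match(line)
        # \w+ captures the whole identifier, so longer names do not match.
        if m and m.group(2) == macro:
            defined = (m.group(1) == "define")
    return defined

def flags_state(cflags, macro=MACRO):
    """Same check for compiler flags: -DNAME or -DNAME=v enables, -UNAME disables."""
    defined = False
    for tok in cflags.split():
        if tok == "-D" + macro or tok.startswith("-D" + macro + "="):
            defined = True
        elif tok == "-U" + macro:
            defined = False
    return defined

def precondition_present(header_text, cflags=""):
    # The advisory's condition holds if either source enables the macro.
    return macro_state(header_text) or flags_state(cflags)

# Constructed sample inputs (not taken from any real build).
SAMPLE_ON = """
#undef  HAVE_ENCRYPT_THEN_MAC
#define HAVE_ENCRYPT_THEN_MAC
"""
SAMPLE_OFF = """
/* #define HAVE_ENCRYPT_THEN_MAC */
// #define HAVE_ENCRYPT_THEN_MAC
#define HAVE_ENCRYPT_THEN_MAC_EXAMPLE 1
"""

if __name__ == "__main__":
    print("header on :", precondition_present(SAMPLE_ON))
    print("header off:", precondition_present(SAMPLE_OFF))
    print("flags only:", precondition_present(SAMPLE_OFF, "-O2 -DHAVE_ENCRYPT_THEN_MAC"))
```

A result of True only shows that the configuration named in the advisory is present in the inputs scanned; it does not determine whether the installed version contains the flaw.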