Description
OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a different certificate. The lookup compared serial-number bytes without first requiring the two serial numbers to be of equal length, so a SingleResponse for one certificate (same issuer) whose serial is a prefix of the target's serial would match, returning the wrong certificate's status. The fix requires the serial lengths to be equal before comparing the serial bytes.
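The comparison defect the description refers to, as an added example that is not wolfSSL's code: a simplified C model of a SingleResponse lookup showing the prefix-accepting comparison beside the corrected one that requires equal serial lengths first. The structure, the function names (single_response, find_status_prefix_bug, find_status_fixed) and the two sample responses are constructed for this example and are assumptions, not wolfSSL identifiers or data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified, hypothetical model of an OCSP SingleResponse lookup. These
 * structures and function names are assumptions for the example; they are
 * not wolfSSL's. */
#define HASH_SZ    20   /* issuer name/key hash length (SHA-1 sized) */
#define MAX_SERIAL 20   /* RFC 5280: conforming CAs keep serialNumber <= 20 octets */

#define STATUS_GOOD       0
#define STATUS_REVOKED    1
#define STATUS_NOT_FOUND (-1)

typedef struct {
    uint8_t issuer_hash[HASH_SZ];  /* stands in for issuerNameHash/issuerKeyHash */
    uint8_t serial[MAX_SERIAL];
    size_t  serial_len;
    int     status;
} single_response;

/* Defective lookup: the serial bytes are compared over the SingleResponse's
 * own serial length, so an entry whose serial is a prefix of the target
 * serial matches. Kept here only to contrast with the corrected routine. */
int find_status_prefix_bug(const single_response *resps, size_t n,
                           const uint8_t issuer_hash[HASH_SZ],
                           const uint8_t *serial, size_t serial_len)
{
    for (size_t i = 0; i < n; i++) {
        const single_response *r = &resps[i];
        if (memcmp(r->issuer_hash, issuer_hash, HASH_SZ) != 0)
            continue;                       /* different issuer */
        if (r->serial_len > serial_len)
            continue;                       /* never read past the target serial */
        if (memcmp(r->serial, serial, r->serial_len) == 0)
            return r->status;               /* prefix accepted: wrong entry */
    }
    return STATUS_NOT_FOUND;
}

/* Corrected lookup: serial lengths must be equal before any bytes are
 * compared, which is the check the description says the fix adds. */
int find_status_fixed(const single_response *resps, size_t n,
                      const uint8_t issuer_hash[HASH_SZ],
                      const uint8_t *serial, size_t serial_len)
{
    for (size_t i = 0; i < n; i++) {
        const single_response *r = &resps[i];
        if (memcmp(r->issuer_hash, issuer_hash, HASH_SZ) != 0)
            continue;
        if (r->serial_len != serial_len)
            continue;                       /* length mismatch: not this cert */
        if (memcmp(r->serial, serial, serial_len) == 0)
            return r->status;
    }
    return STATUS_NOT_FOUND;
}

/* Constructed sample data: two certificates from the same issuer. Cert A
 * (serial 01 02) is good; cert B (serial 01 02 03) is revoked, and A's
 * serial is a prefix of B's. */
static const uint8_t ISSUER[HASH_SZ] = { 0xAA, 0xBB };
static const single_response SAMPLE[] = {
    { { 0xAA, 0xBB }, { 0x01, 0x02 },       2, STATUS_GOOD    },
    { { 0xAA, 0xBB }, { 0x01, 0x02, 0x03 }, 3, STATUS_REVOKED },
};
static const size_t SAMPLE_N = sizeof SAMPLE / sizeof SAMPLE[0];
static const uint8_t CERT_B_SERIAL[] = { 0x01, 0x02, 0x03 };

/* Look up cert B's status with each routine. */
int cert_b_status_buggy(void)
{
    return find_status_prefix_bug(SAMPLE, SAMPLE_N, ISSUER,
                                  CERT_B_SERIAL, sizeof CERT_B_SERIAL);
}

int cert_b_status_fixed(void)
{
    return find_status_fixed(SAMPLE, SAMPLE_N, ISSUER,
                             CERT_B_SERIAL, sizeof CERT_B_SERIAL);
}

int main(void)
{
    printf("cert B via prefix-matching lookup: %d (GOOD=0, REVOKED=1)\n",
           cert_b_status_buggy());
    printf("cert B via length-checked lookup:  %d\n", cert_b_status_fixed());
    return 0;
}
```

Both routines return the status of the first matching entry. On the sample data the prefix-comparing lookup reports the revoked cert B as good because cert A's entry is examined first and its two serial bytes match; the length-checked lookup skips that entry and reaches B's. A regression test for any OCSP client has the same shape: one response carrying two same-issuer SingleResponses whose serials are prefix-related, asserting that each certificate gets its own status.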
Published: 2026-06-25
Score: 6.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a serial-number length confusion in the OCSP routine wolfSSL_OCSP_resp_find_status. A SingleResponse in an OCSP response, for the same issuer, whose serial number is a prefix of the target certificate's serial can be accepted as the revocation status of that certificate. The wrong revocation state is therefore reported, enabling an attacker to make a revoked or untrusted certificate appear valid or, conversely, make a valid certificate appear revoked.

Affected Systems

The flaw affects the wolfSSL library, specifically any release that implements wolfSSL_OCSP_resp_find_status and has not applied the patch from pull request 10554. Applications and services that rely on wolfSSL for OCSP revocation checking are therefore potentially affected on any wolfSSL version that does not include the fix.

Risk and Exploitability

With a CVSS base score of 6.3 the flaw is assessed as moderately severe. The exploit does not require local privilege but can be carried out remotely by supplying a crafted OCSP response to a vulnerable application. The EPSS score is not published, and the vulnerability is not in the CISA KEV list, indicating no publicly known exploitation at this time.

Generated by OpenCVE AI on June 25, 2026 at 22:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade wolfSSL to a version that incorporates the fix from pull request 10554.
  • If an upgrade is not immediately possible, disable OCSP revocation checks for impacted components or replace OCSP with another revocation mechanism.
  • Implement application-level safeguards that verify the length of the serial number matches exactly before accepting any OCSP reply, preventing prefix matches.

Generated by OpenCVE AI on June 25, 2026 at 22:50 UTC.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 01:45:00 +0000

Type: First Time appeared
  Values Added: Wolfssl; Wolfssl wolfssl
Type: Vendors & Products
  Values Added: Wolfssl; Wolfssl wolfssl

Thu, 25 Jun 2026 21:30:00 +0000

Type: Description
  Values Added: OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a different certificate. The lookup compared serial-number bytes without first requiring the two serial numbers to be of equal length, so a SingleResponse for one certificate (same issuer) whose serial is a prefix of the target's serial would match, returning the wrong certificate's status. The fix requires the serial lengths to be equal before comparing the serial bytes.
Type: Title
  Values Added: OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status
Type: Weaknesses
  Values Added: CWE-295
Type: References
Type: Metrics
  Values Added: cvssV4_0 {'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: wolfSSL

Published:

Updated: 2026-06-25T21:16:45.850Z

Reserved: 2026-05-29T15:03:08.877Z

Link: CVE-2026-10098

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-26T01:30:16Z

Weaknesses
  • CWE-295: Improper Certificate Validation