The vulnerability originates in the ConfirmNameConstraints() routine in wolfSSL's certificate verification component, where URI name constraints imported from constrained intermediate CAs are parsed but not enforced. This allows a malicious or compromised sub‑CA to issue a leaf certificate containing a URI Subject Alternative Name that violates the parent CA's constraints. Consequently, wolfSSL would accept the certificate as valid, effectively bypassing the intended naming policy and allowing the use of unauthorized URIs within the TLS connection.

All deployments that use wolfSSL for TLS are potentially affected, as the flaw exists in the open‑source wolfcrypt library and is present in all builds until patched. Any application or device that does not enforce its own URI SAN validation and relies on wolfSSL for certificate chain verification is susceptible.

The CVSS base score of 7 indicates high risk. EPSS data is not provided, but the vulnerability is not listed in the CISA KEV catalog, suggesting no known public exploitation yet. Attackers would need a sub‑CA capable of creating certificates and could use a compromised internal CA or an attacker‑controlled CA. Because the attack only requires certificate issuance, the threat is realistic, especially in environments where cross‑CA trust is present. Operators should treat this as a high‑risk flaw and apply the vendor‑supplied patch promptly.