← Volver a CVEs
CVE-2026-5504
N/ADescripcion
A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover plaintext through repeated decryption queries with modified ciphertext. In previous versions of wolfSSL the interior padding bytes are not validated.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado4/9/2026
Ultima modificacion4/13/2026
Fuentenvd
Avistamientos honeypot0
Debilidades (CWE)
CWE-354
Referencias
https://github.com/wolfSSL/wolfssl/pull/10088(facts@wolfssl.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.