Vulnerability in Wolfssl

CVE-2026-55961

wolfSSL_PKCS7_verify() returning success for a degenerate (certs-only) PKCS#7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The…

Affected products

Weakness classification (CWE)

References