Vulnerability in Wolfssl

CVE-2026-6412

Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing.

Vulnerability class: POODLE (CVE-2014-3566)

Affected products

Wolfssl — versions 3.9.10

Weakness classification (CWE)

CWE-327 — Use of a Broken or Risky Cryptographic Algorithm

References

facts@wolfssl.com (patch)
facts@wolfssl.com