CVE Catalog

CVE-2026-10098

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile — higher than 2% of all known CVEs

Summary

A vulnerability in the wolfSSL_OCSP_resp_find_status function of the wolfSSL library causes serial number comparison in OCSP responses to not require equal length. This allows a SingleResponse for a certificate whose serial is a prefix of the target's serial to be incorrectly matched, returning the wrong certificate's revocation status.

Risk Assessment

The organization may receive a false certificate revocation status, potentially leading to acceptance of a revoked certificate or rejection of a valid one, compromising trust in TLS communication and the integrity of the verification process.

Recommendation

Immediately update the wolfSSL library to a version containing the fix that requires serial lengths to be equal before comparing the serial bytes in the OCSP function.

Original NVD description (English source)

OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a different certificate. The lookup compared serial-number bytes without first requiring the two serial numbers to be of equal length, so a SingleResponse for one certificate (same issuer) whose serial is a prefix of the target's serial would match, returning the wrong certificate's status. The fix requires the serial lengths to be equal before comparing the serial bytes.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS