CVE-2026-7511

Source
https://cve.org/CVERecord?id=CVE-2026-7511
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-7511.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-7511
Downstream
Published
2026-06-25T21:32:29.283Z
Modified
2026-07-16T03:48:47.580893609Z
Severity
  • 5.9 (Medium) CVSS_V4 - CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
PKCS7_verify signer confusion allows forged signatures to be accepted
Details

PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/7xxx/CVE-2026-7511.json",
    "cwe_ids": [
        "CWE-347"
    ],
    "cna_assigner": "wolfSSL"
}
References

Affected packages

Git / github.com/wolfssl/wolfssl

Affected ranges

Type
GIT
Repo
https://github.com/wolfssl/wolfssl
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "3.15.5"
        },
        {
            "last_affected": "5.9.1"
        },
        {
            "fixed": "5.9.2"
        }
    ],
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE"
    ],
    "cpe": "cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"
}

Affected versions

WCv5.*
WCv5.0-RC10
WCv5.0-RC11
WCv5.0-RC12
WCv5.0-RC9
Other
list
wolfEntropy1
wolfEntropy2d
v3.*
v3.15.5a
v3.15.6
v3.15.7-stable
v4.*
v4.0.0-stable
v4.1.0-stable
v4.2.0-stable
v4.2.0c
v4.3.0-stable
v4.4.0-stable
v4.5.0-stable
v4.6.0-stable
v4.7.0-stable
v4.7.1r
v4.8.0-stable
v5.*
v5.0.0-stable
v5.1.0-stable
v5.2.0-stable
v5.2.1
v5.3.0-stable
v5.4.0-stable
v5.5.0-stable
v5.5.1-stable
v5.5.2-stable
v5.5.3-stable
v5.5.4-stable
v5.6.0-stable
v5.6.2-stable
v5.6.3-stable
v5.6.4-stable
v5.6.6-stable
v5.7.0-stable
v5.7.2-stable
v5.7.4-stable
v5.7.6-stable
v5.8.0-stable
v5.8.2-stable
v5.8.4-stable
v5.9.0-stable
v5.9.1-stable

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-7511.json"