wolfSSL security patch release (CVE-2026-5194)
Security Patch Release
Summary
The wolfSSL project released version 5.9.1 to fix CVE-2026-5194, a cryptographic validation flaw that could let vulnerable deployments accept forged certificates. The patch matters because the issue affects certificate verification across multiple signature algorithms and can weaken authentication. Administrators using wolfSSL should upgrade promptly, especially in embedded and device deployments.
Related Happenings
Ivanti security patch release for CVE-2026-8043
Security Patch Release
First: 18.05.2026 13:54
Last: 18.05.2026 13:54
Sources 1
About this happening:
**Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
Microsoft security patch release for CVE-2026-41089
Security Patch Release
First: 13.05.2026 00:46
Last: 13.05.2026 00:46
Sources 1
About this happening:
**Microsoft** and other major software vendors shipped a heavy **May 2026** patch cycle, with fixes spanning **Windows**, **iOS**, **Firefox**, **Oracle** products, and **Chrome**...
Linux kernel Dirty Frag patch release (CVE-2026-43284, CVE-2026-43500)
Security Patch Release
First: 11.05.2026 17:30
Last: 11.05.2026 17:30
Sources 1
About this happening:
**Major Linux distributions** are rolling out fixes for **Dirty Frag**, the **Linux kernel** patch release that covers **CVE-2026-43284** and **CVE-2026-43500**. The update matter...
cPanel security patch release for CVE-2026-29201
Security Patch Release
First: 09.05.2026 10:16
Last: 09.05.2026 10:16
Sources 1
About this happening:
**cPanel** released updates for **cPanel and Web Host Manager (WHM)** to fix **three vulnerabilities** that could enable **privilege escalation**, **code execution**, or **denial-...
Linux kernel security update for Copy Fail (CVE-2026-31431)
Security Patch Release
First: 30.04.2026 16:54
Last: 30.04.2026 16:54
Sources 1
About this happening:
**Linux kernel** maintainers have fixed **CVE-2026-31431** and are rolling out updates to close a **local privilege escalation** flaw that lets an unprivileged attacker gain **roo...
Timeline
-
13.04.2026 22:56 2 articles · 1mo ago
wolfSSL 5.9.1 fixes CVE-2026-5194
Mitigation Patch Update
wolfSSL version 5.9.1 addressed CVE-2026-5194, a cryptographic validation flaw in the wolfSSL SSL/TLS library that could let devices and applications accept forged certificates when ECDSA and related signature verification accepted improperly weak digests. Deployments with ECC and EdDSA or ML-DSA enabled were advised to upgrade to the latest wolfSSL release.
- Critical flaw in wolfSSL library enables forged certificate use — www.bleepingcomputer.com — 13.04.2026 22:56
-
13.04.2026 22:56 1 articles · 1mo ago
Researchers disclose CVE-2026-5194 in wolfSSL
Initial Disclosure
Nicholas Carlini of Anthropic disclosed CVE-2026-5194 in the wolfSSL SSL/TLS library, describing a cryptographic validation flaw that can accept improperly weak digests during certificate verification and may let a target device or application trust forged certificates for malicious servers or connections.
- Critical flaw in wolfSSL library enables forged certificate use — www.bleepingcomputer.com — 13.04.2026 22:56