cvedb.io
CVE-2026-6450
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2026-06-25T21:16:27.917 · Last modified 2026-06-27T18:32:15.290

Summary

A CRL critical extension bypass exists in ParseCRL_Extensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled critical extension to be accepted. This only affects builds with CRL support enabled and where a crafted CRL had a trusted signature when parsed.

Affected products

wolfssl — wolfssl

Does this affect you?

Add your gear to cvedb and we'll alert you only when wolfssl ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.