CVE-2026-11310
Undergoing Analysis Undergoing Analysis - In Progress
X.509 Trust-Chain Bypass in wolfSSL

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: wolfSSL Inc.

Description
X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only builds with --enable-opensslextra (OPENSSL_EXTRA) and whose application validates certificates by calling X509_verify_cert() with caller-supplied untrusted intermediate certificates; for those users it is critical, otherwise the library is unaffected. In particular, native wolfSSL TLS/DTLS usage is not impacted. wolfSSL's X509_verify_cert() temporarily loads each caller-supplied untrusted intermediate into the certificate manager but failed to drop them before the trusted-store check, so an untrusted intermediate could anchor the path itself. An attacker can present a chain that never reaches a configured trust anchor and have it accepted, resulting in acceptance of an attacker-controlled certificate. This is certificate verification independent of TLS (e.g. S/MIME/CMS, code/firmware signing, JWT/JWS x5c), is not specific to any key type or algorithm, and a single untrusted intermediate suffices. The default wolfSSL TLS handshake (WOLFSSL_VERIFY_PEER) is not affected; only TLS applications doing manual or deferred peer verification through this API are, which also requires --enable-sessioncerts.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-25
Last Modified
2026-06-25
Generated
2026-06-26
AI Q&A
2026-06-26
EPSS Evaluated
N/A
NVD
CVE-2026-11310
EUVD
EUVD-2026-39548
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
wolfssl wolfssl *
wolfssl wolfssl 5.9.2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-295 The product does not validate, or incorrectly validates, a certificate.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier function wolfSSL_X509_verify_cert() within the wolfSSL library. It affects only builds with the --enable-opensslextra option enabled and applications that validate certificates by calling X509_verify_cert() with untrusted intermediate certificates supplied by the caller.

The issue arises because wolfSSL temporarily loads each untrusted intermediate certificate into the certificate manager but fails to remove them before checking against the trusted certificate store. This allows an untrusted intermediate certificate to act as a trust anchor, effectively bypassing the normal trust chain verification.

As a result, an attacker can present a certificate chain that does not reach a legitimate configured trust anchor but is still accepted as valid, enabling acceptance of attacker-controlled certificates. This affects certificate verification processes independent of TLS, such as S/MIME, CMS, code or firmware signing, and JWT/JWS x5c.

Notably, native wolfSSL TLS/DTLS usage with default verification is not impacted; only applications performing manual or deferred peer verification through this API with --enable-opensslextra and --enable-sessioncerts are vulnerable.

Impact Analysis

This vulnerability can lead to acceptance of attacker-controlled certificates by bypassing the normal trust chain verification process. An attacker could exploit this to impersonate trusted entities or sign malicious content that appears valid.

Potential impacts include unauthorized access, data interception, or execution of malicious code if certificate-based authentication or signing is relied upon.

Since the vulnerability affects certificate verification outside of the standard TLS handshake, it can impact various security mechanisms such as secure email (S/MIME), code or firmware signing, and JSON Web Token validation, potentially undermining their trustworthiness.

Compliance Impact

This vulnerability allows an attacker to bypass X.509 trust-chain verification, potentially causing acceptance of attacker-controlled certificates. Such a flaw can undermine the integrity and authenticity of secure communications and data exchanges.

Because the vulnerability affects certificate verification independent of TLS (including S/MIME, code signing, JWT, etc.), it can lead to unauthorized access or data manipulation, which may violate security requirements mandated by standards like GDPR and HIPAA.

Organizations relying on affected wolfSSL builds with --enable-opensslextra and manual certificate verification may face increased risk of data breaches or unauthorized data access, potentially impacting compliance with these regulations.

Detection Guidance

This vulnerability affects only wolfSSL builds with --enable-opensslextra (OPENSSL_EXTRA) that use the X509_verify_cert() function with caller-supplied untrusted intermediate certificates. Detection involves identifying if your application uses this specific configuration and API usage.

Since the vulnerability is related to certificate verification independent of TLS (e.g., S/MIME, CMS, code signing, JWT x5c), network detection is challenging. Instead, you should audit your application code or binaries to check if they call wolfSSL_X509_verify_cert() with untrusted intermediates and if the build includes OPENSSL_EXTRA.

No specific commands for network or system detection are provided in the available resources.

Mitigation Strategies

The immediate mitigation is to upgrade wolfSSL to version 5.9.2 or later, which includes fixes for this vulnerability.

The fix ensures that certificate verification requires a trusted anchor, rejects certificate chains exceeding allowed depth, and properly cleans up caller-supplied intermediates to prevent false trust anchors.

If upgrading is not immediately possible, avoid using the --enable-opensslextra build option or refrain from calling X509_verify_cert() with untrusted intermediate certificates until a patched version is deployed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-11310. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart