CVE-2026-6331
Received Received - Intake
HMAC Tag Forgery in wolfSSL

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: wolfSSL Inc.

Description
HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated tag could pass verification. The fix requires the supplied tag length to exactly equal the MAC length and rejects a zero-length MAC, so a forged short or empty tag is no longer accepted.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-25
Last Modified
2026-06-25
Generated
2026-06-26
AI Q&A
2026-06-26
EPSS Evaluated
N/A
NVD
CVE-2026-6331
EUVD
EUVD-2026-39565
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
wolfssl wolfssl *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-347 The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an HMAC zero-length tag forgery issue in the EVP_DigestVerifyFinal function. It occurs because the verification process accepted a zero-length or truncated HMAC tag as valid. Specifically, the OpenSSL-compatible HMAC verification path only checked that the supplied signature length did not exceed the MAC length, allowing a zero-length or shortened tag to pass verification incorrectly.

The fix for this vulnerability requires that the supplied tag length exactly matches the MAC length and rejects any zero-length MAC tags, preventing forged short or empty tags from being accepted.

Impact Analysis

This vulnerability can allow an attacker to forge an HMAC tag by providing a zero-length or truncated tag that is incorrectly accepted as valid. This undermines the integrity verification of messages or data protected by HMAC, potentially allowing unauthorized data to be accepted as authentic.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-6331. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart