Affected Users: wolfSSH with SFTP enabled on the server side before version 1.4.21. Summary: A stack overflow vulnerability was discovered in wolfSSH’s SFTP server implementation. After an SFTP connection is established, a malicious SFTP client could send a specially crafted read, write, or set state SFTP packet that would cause the SFTP server code to […]
Read MoreMore TagCategory: Uncategorized
Bringing FIPS 140-3 to Proxmox Virtual Environments with wolfCrypt-FIPS
Organizations in government, healthcare, finance, and critical infrastructure sectors are required to meet stringent compliance standards, and FIPS 140-3 certification has become a key requirement for cryptographic modules used in regulated environments. wolfSSL is uniquely positioned to help bring this level of certification to Proxmox Virtual Environment (PVE), one of the most popular open-source virtualization […]
Read MoreMore TagThe DEADBEEF RNG Example Revisited
A while ago we had made a blog post and a patch that showed how someone could integrate their new RNG (Random Number Generator) into our wolfCrypt library. That methodology works, but it has a fairly obvious flaw. It assumed your RNG included the DRBG (Deterministic Random Bit Generator) as part of its implementation. You […]
Read MoreMore TagVulnerability Disclosure: wolfSSL (CVE-2025-7395)
Affected Users: Anyone using wolfSSL on Apple platforms with versions after 5.7.6 and before 5.8.2, specifically when built with WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION enabled (default for non-macOS Apple targets when using autotools or CMake). Summary: When using system CA certificates and Apple native certificate validation on Apple platforms, the native trust store verification routine incorrectly overrides […]
Read MoreMore TagKick Off 2026 with wolfSSL: Two-Part Getting Started with wolfSSL Webinar
Learn how to build, configure, and debug secure TLS applications with wolfSSL. Join us for this two-part technical webinar series, Getting Started with wolfSSL. These sessions walk through the fundamentals of wolfSSL—from building the library to integrating TLS into real applications. Led by wolfSSL Engineering Manager Chris Conlon, the series focuses on practical concepts, core […]
Read MoreMore TagCrypto-Agility in the LMS Private Key
Here at wolfSSL, we have enhanced our Leighton-Micali Signature (LMS) implementation with a new optional state serialization feature that significantly improves key reload performance for applications requiring frequent signing operations. The LMS post-quantum signature scheme is stateful by nature, meaning each signature operation updates the internal state of the private key, and this state must […]
Read MoreMore TagML-KEM hybrid TLS 1.3 Codepoint Backwards Compatibility
Here at wolfSSL, we have merged an important pull request addressing backward compatibility for post-quantum cryptography in TLS 1.3. This enhancement focuses on ML-KEM (Module-Lattice-Based Key Encapsulation Mechanism) codepoints, ensuring seamless interoperability between wolfSSL versions across the 5.8.0 release boundary. Prior to version 5.8.0, wolfSSL used specific codepoint identifiers for hybrid key exchange algorithms combining […]
Read MoreMore TagwolfSSL exhibiting at CES 2026!
wolfSSL is excited to announce that we will be exhibiting at CES 2026 from January 6 – 9 in Las Vegas at Booth 3970 in the Las Vegas Convention Center. This year, we are highlighting our growing portfolio of high-assurance security solutions built for today’s automotive, embedded, and connected device ecosystems. We will be showcasing […]
Read MoreMore TagwolfSSL Ada Wrapper Now Available in Alire Package Manager
The wolfSSL team is pleased to announce that the Ada language wrapper for wolfSSL version 5.8.0 is now prepared for inclusion in the Alire package index. This update represents an important milestone in making wolfSSL’s industry-leading cryptographic library more accessible to the Ada programming community through their native package management ecosystem. For those unfamiliar with […]
Read MoreMore TagSecuring the Edge AI with wolfSSL on the STM32N6
The rise of Edge AI demands robust security solutions, and the STM32N6, with its integrated Neural Processing Unit, stands out as a powerful platform for these applications. When paired with wolfSSL’s comprehensive security offerings, the STM32N6 becomes an even more formidable solution for secure Edge AI deployments. The STM32N6 is the first STM32 MCU to […]
Read MoreMore Tag