Topic: Unexpected behaviour with wrong authentication tag AES GCM
When the authentication tag made with wc_AesGcmEncrypt is different when trying to decrypt with wc_AesGcmDecrypt, I expect some kind of error result.
In aes.c, function wc_AesGcmDecrypt, with the WOLFSSL_STM32_CUBEMX define:
    if (ret == 0 && ConstantCompare(authTag, tag, authTagSz) == 0) {
        /* Only keep the decrypted data if authTag success. */
        XMEMCPY(out, inPadded, sz);
        ret = 0; /* success */
    }
If the result of ConstantCompare is not zero, ret will still be zero. I expect that ret will be negative because the given auth tag does not match the calculated one in the decrypt function. The data is successfully decrypted but the additional data could be compromised.
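The control flow quoted in the post, reduced to a stand-alone C example next to a variant that turns a tag mismatch into an error. This is an added example, not wolfSSL code and not part of the original post; ct_compare, finish_as_posted, finish_checked, demo_mismatch, EX_AUTH_FAIL and the sample bytes are names and values constructed for illustration.

```c
#include <stddef.h>
#include <string.h>
#define EX_AUTH_FAIL (-1)   /* assumed error value, for this example only */
int last_copied;            /* set by demo_mismatch: 1 if out got the plaintext */

/* Constant-time compare: returns 0 when equal, nonzero otherwise. */
static int ct_compare(const unsigned char *a, const unsigned char *b, size_t n)
{
    size_t i;
    unsigned char diff = 0;
    for (i = 0; i < n; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff;
}

/* Same control flow as the snippet in the post: a mismatch leaves ret at 0. */
int finish_as_posted(int ret, unsigned char *out, const unsigned char *plain,
        size_t sz, const unsigned char *authTag, const unsigned char *tag, size_t tagSz)
{
    if (ret == 0 && ct_compare(authTag, tag, tagSz) == 0) {
        memcpy(out, plain, sz);
        ret = 0;
    }
    return ret;
}

/* Checked form: a mismatch returns an error and out never holds plaintext. */
int finish_checked(int ret, unsigned char *out, const unsigned char *plain,
        size_t sz, const unsigned char *authTag, const unsigned char *tag, size_t tagSz)
{
    if (ret != 0)
        return ret;
    if (ct_compare(authTag, tag, tagSz) != 0) {
        memset(out, 0, sz);
        return EX_AUTH_FAIL;
    }
    memcpy(out, plain, sz);
    return 0;
}

/* Constructed inputs: the supplied and computed tags differ in the last byte. */
int demo_mismatch(int use_checked)
{
    const unsigned char plain[4] = { 'd', 'a', 't', 'a' };
    const unsigned char given[4] = { 1, 2, 3, 4 }, calc[4] = { 1, 2, 3, 5 };
    unsigned char out[4] = { 0xAA, 0xAA, 0xAA, 0xAA };
    int ret = use_checked ? finish_checked(0, out, plain, 4, given, calc, 4)
                          : finish_as_posted(0, out, plain, 4, given, calc, 4);
    last_copied = (memcmp(out, plain, 4) == 0);
    return ret;
}
```

With the posted control flow the caller gets 0 and an output buffer that still holds whatever was there before the call, so a return-code check alone cannot tell a rejected tag from a successful decrypt.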