Vulnerabilities

CVE-2026-3503

by Fred · 19/03/2026

Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion.

This issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6.

More information : https://github.com/wolfSSL/wolfssl/pull/9734

Similar

Tags: Cybersecurity Alert