CVE-2026-3503

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Mar 19, 2026

Vendor unknown

Description

Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion. This issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6.

References

https://github.com/wolfSSL/wolfssl/pull/9734