Low severityNVD Advisory· Published Dec 11, 2025· Updated Apr 15, 2026

CVE-2025-13912

Description

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks.

Patches

59f4fa568615

https://github.com/wolfSSL/wolfsslvia osv

234ba7780ad3

https://github.com/wolfSSL/wolfsslvia osv

PR #9148

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/wolfSSL/wolfssl/pull/9148nvd

News mentions

No linked articles in our index yet.

cvss	0.065
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000