ANT-2026-SB4PHA43 · wolfSSL

crypto-failure high

CVE-2026-5446

Severity Claude high · Security research firm high · Maintainer -

Discovered by Claude Mythos Preview

REPORT

Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Calif.

ANT-2026-SB4PHA43: ARIA-GCM Nonce Reuse in TLS 1.2 Record Encryption in wolfSSL

The ARIA-GCM implementation reuses nonces when encrypting TLS 1.2 records.

Target

Project: wolfSSL
Discovery: static analysis — not yet dynamically reproduced

Reproduction

This finding was identified by static analysis and has not yet been dynamically reproduced. A trigger input is not included.

[No reproducer or sanitizer output attached — request from cvd@anthropic.com if needed.]

Acknowledgement

This vulnerability was discovered by Claude, Anthropic's AI assistant, and triaged by the Anthropic security team in collaboration with Anthropic Research. Please direct questions to security-cvd@anthropic.com and reference ANT-2026-SB4PHA43.

Reference: ANT-2026-SB4PHA43
Anthropic CVD Policy: https://anthropic.com/security/cvd-policy

SECURITY RESEARCH FIRM ANALYSIS

Triage and disclosure were performed by Calif.

Verdict
true positive
Severity
high
TIMELINE

Dates from discovery through public reveal.

  1. 2026-03-29 Reported to tracker
  2. 2026-05-07 Sent to maintainer
  3. 2026-05-07 Patch released
  4. 2026-05-07 Maintainer acknowledged
  5. 2026-05-20 Publicly revealed
PROVENANCE

SHA-3-512 hash:

42db4adeeadfd87fee4e773a054ec682b406867ffe8d0e9cc84b22a2c51a7726959887e1bc23098eea81effa882b38313a69a5acc6a465e8d3162b57e754ed79

Committed 2026-05-07 00:03 PT

Revealed 2026-05-20 00:40 PT

Verify (download preimage.json)

Show preimage JSON 
{
  "ant_id": "ANT-2026-SB4PHA43",
  "bug_class": "Cryptographic Nonce Reuse",
  "claude_severity": "high",
  "commit_sha": null,
  "created_at": "2026-03-29T20:42:29+00:00",
  "description": "The ARIA-GCM implementation reuses nonces when encrypting TLS 1.2 records.",
  "discovered_at": null,
  "location": null,
  "poc_sha256": null,
  "preimage_version": 1,
  "project": "wolfSSL",
  "reproduction": null,
  "technical_details": null,
  "title": "ARIA-GCM Nonce Reuse in TLS 1.2 Record Encryption in wolfSSL",
  "vendor_severity": "high"
}