PT-2026-45451 · Opensc · Opensc

Fantasy

Published

2026-06-01

Updated

2026-06-13

CVE-2026-10275

CVSS v2.0

5.1

Medium

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions OpenSC versions prior to 0.26.2

Description A buffer overflow occurs in the pkcs11-tool Key Generation Module within the test kpgen certwrite() function of the src/tools/pkcs11-tool.c file. This issue allows for remote attacks, although the complexity is high and exploitability is considered difficult.

Recommendations Apply patch 814f745b3b6d100295f65f1935edd33d520d33ab to resolve the issue. As a temporary workaround, restrict the use of the test kpgen certwrite() function.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120CWE-119

Related Identifiers

CVE-2026-10275

OPENSUSE-SU-2026:11022-1

Affected Products

Opensc

PT-2026-45451 · Opensc · Opensc

CVE-2026-10275

Weakness Enumeration

Related Identifiers

Affected Products

References · 18