SUSE-SU-2026:20434-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: Upgrade openCryptoki to 3.26 jscPED-14609 Security fixes: - CVE-2026-22791: supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. - CVE-2026-23893: Privilege Escalation or Data Exposure vi...

SUSE-SU-2026:20345-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: Upgrade openCryptoki to 3.26 jscPED-14609 Security fixes: - CVE-2026-22791: supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. - CVE-2026-23893: Privilege Escalation or Data Exposure vi...

OPENSUSE-SU-2026:20233-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: Upgrade openCryptoki to 3.26 jscPED-14609 Security fixes: - CVE-2026-22791: supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. - CVE-2026-23893: Privilege Escalation or Data Exposure vi...

Security update for openCryptoki

This update for openCryptoki fixes the following issues: CVE-2026-23893: Privilege Escalation or Data Exposure via Symlink Following bsc1257116. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...

SUSE-SU-2026:0481-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: - CVE-2026-23893: Privilege Escalation or Data Exposure via Symlink Following bsc1257116...

OESA-2026-1322 opencryptoki security update

openCryptoki is an implementation of the PKCS 11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...

Linux Distros Unpatched Vulnerability : CVE-2026-23893

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged...

openSUSE Security Advisory (SUSE-SU-2026:0351-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : openCryptoki (SUSE-SU-2026:0351-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0351-1 advisory. - CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116 Tenable has extracted the preceding description block directly...

SUSE-SU-2026:0351-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: - CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116...

Security update for openCryptoki

This update for openCryptoki fixes the following issues: CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

SUSE SLES15 Security Update : openCryptoki (SUSE-SU-2026:0291-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0291-1 advisory. - CVE-2026-22791: Fixed supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. Tenable ha...

Security update for openCryptoki

This update for openCryptoki fixes the following issues: CVE-2026-22791: Fixed supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

SUSE-SU-2026:0291-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: - CVE-2026-22791: Fixed supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673...

openCryptoki-3.26.0-4.1 on GA media (moderate)

openCryptoki-3.26.0-4.1 on GA media Announcement ID: openSUSE-SU-2026:10086-1 Rating: moderate Cross-References: CVE-2026-23893 CVSS scores: CVE-2026-23893 SUSE : 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can no...

OPENSUSE-SU-2026:10086-1 openCryptoki-3.26.0-4.1 on GA media

These are all security issues fixed in the openCryptoki-3.26.0-4.1 package on the GA media of openSUSE Tumbleweed...

CVE-2026-23893

A flaw was found in openCryptoki, a PKCS11 library and tooling for Linux and AIX. A token-group user can exploit a symlink-following vulnerability by planting symbolic links in group-writable token directories. When an administrator runs a PKCS11 application or administrative tool as root, it may...

CVE-2026-23893

openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...

AZL-75381 CVE-2026-23893 affecting package opencryptoki 3.24.0-3

openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...

AZL-75360 CVE-2026-23893 affecting package opencryptoki 3.17.0-1

openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...