CVE-2025-13763 Libopensc: opensc: multiple uses of uninitialized variable

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs...

CVE-2025-49010

OpenSC is affected prior to 0.27.0 by a stack-buffer-overflow in GET RESPONSE triggered by a crafted USB device or smart card presenting specially crafted APDU responses. The issue requires physical access and user interaction, with a low impact per the CVSS vector. A fix is available in OpenSC 0...