Linux Distros Unpatched Vulnerability : CVE-2026-10275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key...

DEBIAN-CVE-2026-10275

A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...

EUVD-2026-33680

A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...

PT-2026-45451

A flaw has been found in OpenSC up to 0.26.1. This affects the function test kpgen certwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an...

CVE-2026-40510

OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longe...

EUVD-2026-33320

OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c that allows attackers to corrupt memory by supplying a crafted profile configuration file. During pkcs15-init invocation, a key value entry...

Astra Linux - уязвимость в opensc

OpenSC before version 0.20.0 has a double-free issue in coolkeyfreeprivatedata, because the coolkeyaddobject function in libopensc/card-coolkey.c lacks a uniqueness check...

Astra Linux - уязвимость в opensc

Buffer overflow issues were identified in Opensc before version 0.22.0 in various locations, which could potentially cause programs using the library to crash...

Astra Linux - уязвимость в opensc

A vulnerability was discovered in OpenSC, OpenSC tools, the PKCS11 module, minidrivers, and CTK. An attacker could use a specially crafted USB device or smart card, causing the system to send specially crafted APDUs. Insufficient or missing checks on the return values of functions lead to...

Astra Linux - уязвимость в opensc

The Oberthur smart card software driver in OpenSC before version 0.21.0-rc1 has a heap-based buffer overflow in the scoberthurreadfile function...

Astra Linux - уязвимость в opensc

A heap usage issue after a free operation was detected in Opensc before version 0.22.0 in scfilevalid...

Astra Linux - уязвимость в opensc

A issue was discovered in OpenSC between versions 0.19.0 and 0.20.x, as well as in versions 0.20.0-rc3. There is an incorrect read operation in the code for libopensc/card-setcos.c during the parsing of a SETCOS file attribute...

Astra Linux - уязвимость в opensc

The “use-after-free” vulnerability was identified in the AuthentIC driver within the OpenSC package. It occurs during the card enrollment process, specifically when using the pkcs15-init function. An attacker must have physical access to the computer system and must use a specially crafted USB...

Astra Linux - уязвимость в opensc

A vulnerability related to the “return issue” was discovered in Opensc before version 0.22.0. This vulnerability exists in the “insertpin” function, and it could potentially cause programs using the library to crash...

Astra Linux - уязвимость в opensc

Heap buffer overflow issues were identified in Opensc before version 0.22.0 in the pkcs15-oberthur.c file, which could potentially cause programs using the library to crash...

Linux Distros Unpatched Vulnerability : CVE-2025-13763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB...

Linux Distros Unpatched Vulnerability : CVE-2025-66215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or...

MiracleLinux 8 : opensc-0.20.0-8.el8_9 (AXSA:2024-7554:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7554:03 advisory. OpenSC: Side-channel leaks while stripping encryption PKCS1 padding CVE-2023-5992 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : opensc-0.20.0-6.el8 (AXSA:2023-7249:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7249:02 advisory. opensc: buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage CVE-2023-2977 Tenable has extracted the preceding description block directly from th...

MiracleLinux 9 : opensc-0.23.0-4.el9_3 (AXSA:2024-7558:04)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7558:04 advisory. OpenSC: Side-channel leaks while stripping encryption PKCS1 padding CVE-2023-5992 Tenable has extracted the preceding description block directly from the...