CVE-2026-10275

MEDIUM 5.0

OpenSC pkcs11-tool Key Generation pkcs11-tool.c test_kpgen_certwrite buffer overflow

CVSS Score

5.0

EPSS Score

0.0%

EPSS Percentile

0th

A flaw has been found in OpenSC up to 0.26.1. This affects the function test_kpgen_certwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an attack is rather high. It is indicated that the exploitability is difficult. The exploit has been published and may be used. Patch name: 814f745b3b6d100295f65f1935edd33d520d33ab. It is recommended to apply a patch to fix this issue.

CWE	CWE-120 CWE-119
Vendor	n/a
Product	opensc
Published	Jun 1, 2026
Last Updated	Jun 1, 2026

Stay Ahead of the Next One

Get instant alerts for n/a opensc

Be the first to know when new medium vulnerabilities affecting n/a opensc are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

n/a / OpenSC

0.26.0 0.26.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/367568 vuldb.com: https://vuldb.com/vuln/367568/cti vuldb.com: https://vuldb.com/cve/CVE-2026-10275 vuldb.com: https://vuldb.com/submit/825403 github.com: https://github.com/OpenSC/OpenSC/issues/3682 github.com: https://github.com/OpenSC/OpenSC/pull/3684 pan.baidu.com: https://pan.baidu.com/s/1nrZPKDz2eAcCpsaFiIRlrg github.com: https://github.com/OpenSC/OpenSC/commit/814f745b3b6d100295f65f1935edd33d520d33ab github.com: https://github.com/OpenSC/OpenSC/

Credits

🔍 Fantasy (VulDB User)