CVE-2026-10275: Buffer Overflow in OpenSC
A flaw has been found in OpenSC up to 0.26.1. This affects the function test_kpgen_certwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an attack is rather high. It is indicated that the exploitability is difficult. The exploit has been published and may be used. Patch name: 814f745b3b6d100295f65f1935edd33d520d33ab. It is recommended to apply a patch to fix this issue.
AI Analysis
Technical Summary
This vulnerability involves a buffer overflow in the test_kpgen_certwrite function within the pkcs11-tool component of OpenSC (up to version 0.26.1). The flaw allows remote attackers to potentially cause memory corruption by manipulating input to this function. Exploitation complexity is high, and user interaction is required. The vulnerability has a low CVSS score of 2.3, indicating limited impact. A patch identified by commit 814f745b3b6d100295f65f1935edd33d520d33ab is available and should be applied to fix the issue.
Potential Impact
The buffer overflow could lead to memory corruption, which might affect the stability or security of the affected system. However, the low CVSS score and high attack complexity suggest limited risk. No known exploits are reported in the wild at this time.
Mitigation Recommendations
A patch identified by commit 814f745b3b6d100295f65f1935edd33d520d33ab is available to fix this vulnerability. It is recommended to apply this patch to OpenSC versions 0.26.0 and 0.26.1 to remediate the issue. No additional vendor advisory or official fix details are provided, so users should monitor the OpenSC project for official releases incorporating this patch.
CVE-2026-10275: Buffer Overflow in OpenSC
Description
A flaw has been found in OpenSC up to 0.26.1. This affects the function test_kpgen_certwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an attack is rather high. It is indicated that the exploitability is difficult. The exploit has been published and may be used. Patch name: 814f745b3b6d100295f65f1935edd33d520d33ab. It is recommended to apply a patch to fix this issue.
CVSS v4.0
Score 2.3low
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves a buffer overflow in the test_kpgen_certwrite function within the pkcs11-tool component of OpenSC (up to version 0.26.1). The flaw allows remote attackers to potentially cause memory corruption by manipulating input to this function. Exploitation complexity is high, and user interaction is required. The vulnerability has a low CVSS score of 2.3, indicating limited impact. A patch identified by commit 814f745b3b6d100295f65f1935edd33d520d33ab is available and should be applied to fix the issue.
Potential Impact
The buffer overflow could lead to memory corruption, which might affect the stability or security of the affected system. However, the low CVSS score and high attack complexity suggest limited risk. No known exploits are reported in the wild at this time.
Mitigation Recommendations
A patch identified by commit 814f745b3b6d100295f65f1935edd33d520d33ab is available to fix this vulnerability. It is recommended to apply this patch to OpenSC versions 0.26.0 and 0.26.1 to remediate the issue. No additional vendor advisory or official fix details are provided, so users should monitor the OpenSC project for official releases incorporating this patch.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-05-31T16:00:08.522Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a1dbb9de29bf47b501c569b
Added to database: 6/1/2026, 5:04:29 PM
Last enriched: 6/1/2026, 5:34:07 PM
Last updated: 6/2/2026, 5:05:37 AM
Views: 9
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.