CVE-2025-66037 | OpenSC up to 0.26.x X.509/SPKI sc_pkcs15_pubkey_from_spki_fields out-of-bounds

A vulnerability categorized as critical has been discovered in OpenSC up to 0.26.x. Affected by this vulnerability is the function sc_pkcs15_pubkey_from_spki_fields of the component X.509/SPKI. The manipulation results in out-of-bounds read.

This vulnerability is reported as CVE-2025-66037. An attack on the physical device is feasible. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More