CVE-2026-40528 | OpenSC up to 0.26.x Profile src/pkcs15init/profile.c do_key_value key stack-based overflow

A vulnerability labeled as critical has been found in OpenSC up to 0.26.x. The affected element is the function do_key_value of the file src/pkcs15init/profile.c of the component Profile Handler. The manipulation of the argument key results in stack-based buffer overflow.

This vulnerability is known as CVE-2026-40528. An attack on the physical device is feasible. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More