Vulnerability DatabaseCVE-2026-40528
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2026-40528
Published:May 29, 2026
Updated:June 13, 2026
OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the do_key_value() function in src/pkcs15init/profile.c that allows attackers to corrupt memory by supplying a crafted profile configuration file. During pkcs15-init invocation, a key value entry beginning with '=' followed by more than sizeof(keybuf) characters is copied into keybuf via memcpy without a length check, causing both stack and heap buffer overruns.
Affected Packages
https://github.com/OpenSC/OpenSC.git (GITHUB):
Affected version(s) >=maintainer-pgp-pub <0.27.0
Fix Suggestion:
Update to version 0.27.0
Related Resources (2)
https://github.com/OpenSC/OpenSC/commit/0358817ec74aeca654f83e7709c7720b14c5db59
https://www.vulncheck.com/advisories/opensc-buffer-overrun-in-do-key-value-via-profile-c
Do you need more information?
Contact Us
CVSS v4
Base Score:
1
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
LOW
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
3.8
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW
Weakness Type (CWE)
Stack-based Buffer Overflow
CWE-121
Heap-based Buffer Overflow
CWE-122
EPSS
Base Score:
0.01