CVE-2026-10275: OpenSC pkcs11-tool Buffer Overflow
🟠 High | Source: Microsoft Security Response Center CVE-2026-10275 is a buffer overflow vulnerability in OpenSC’s pkcs11-tool, specifically within the key generation and certificate writing functionality in pkcs11-tool.c. The flaw could allow an attacker to corrupt memory during PKCS#11 cryptographic operations, potentially leading to arbitrary code execution or service crashes. This matters because OpenSC is widely used to interact with hardware security modules (HSMs) and smart cards, including in Azure and hybrid environments. ...