CVE-2026-10275: OpenSC pkcs11-tool Buffer Overflow

🟠 High | Source: Microsoft Security Response Center

CVE-2026-10275 is a buffer overflow vulnerability in OpenSC’s pkcs11-tool, specifically within the key generation and certificate writing functionality in pkcs11-tool.c. The flaw could allow an attacker to corrupt memory during PKCS#11 cryptographic operations, potentially leading to arbitrary code execution or service crashes. This matters because OpenSC is widely used to interact with hardware security modules (HSMs) and smart cards, including in Azure and hybrid environments. ...

19 June 2025 · ZX Cloud Security

CVE-2026-42014: GnuTLS Use-After-Free on Azure

🟠 High | Source: Microsoft Security Response Center

CVE-2026-42014 is a use-after-free vulnerability in GnuTLS, a widely used cryptographic library, specifically in the function responsible for setting PKCS#11 token PINs. Use-after-free flaws occur when a programme continues to use memory after it has been freed, potentially allowing attackers to execute arbitrary code or cause a crash. This matters because GnuTLS underpins TLS/SSL operations in many Linux-based workloads, including those running on Azure. ...

19 June 2025 · ZX Cloud Security
