CVE-2025-66037 — Out-of-bounds Read in Opensc

CWE-125 — Out-of-bounds Read7 documents7 sources

Severity

6.8MEDIUMNVD

CNA3.9

EPSS

0.0%

top 99.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opensc Opensc Project Opensc

Timeline

PublishedMar 30

Description

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzz_pkcs15_reader harness causes OpenSC to perform an out-of-bounds heap read in the X.509/SPKI handling path. Specifically, sc_pkcs15_pubkey_from_spki_fields() allocates a zero-length buffer and then reads one byte past the end of that allocation. This issue has been patched in version 0.27.0.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages3 packages

▶CVEListV5opensc/opensc< 0.27.0

▶NVDopensc_project/opensc< 0.27.0

▶Debianopensc_project/opensc< 0.27.1-1

🔴Vulnerability Details

CVEList

OpenSC: Out of Bounds vulnerability↗2026-03-30

▶

OSV

CVE-2025-66037: OpenSC is an open source smart card tools and middleware↗2026-03-30

▶

📋Vendor Advisories

Red Hat

OpenSC: OpenSC: Out-of-bounds read via crafted input↗2026-03-30

▶

Debian

CVE-2025-66037: opensc - OpenSC is an open source smart card tools and middleware. Prior to version 0.27....↗2025

▶

🕵️Threat Intelligence

Wiz

CVE-2025-66037 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

💬Community

Bugzilla

CVE-2025-66037 opensc: OpenSC: Out-of-bounds read via crafted input [fedora-all]↗2026-03-30

▶