CVE-2026-40510
LOWOpenSC < 0.27.0-rc1 Stack Buffer Overflow via piv_process_history() in card-piv.c
Title source: cnaDescription
OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in piv_process_history() in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longer than 118 bytes in the Key History Object ASN.1 response.
References (3)
Core 3
Core References
Issue Tracking issue-tracking
https://github.com/OpenSC/OpenSC/pull/3558
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/opensc-stack-buffer-overflow-via-piv-process-history-in-card-piv-c
Scores
CVSS v3
3.8
EPSS
0.0021
EPSS Percentile
11.3%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-121
Status
published
Products (3)
OpenSC/OpenSC
< 0.27.0-rc1
OpenSC/OpenSC
< 3f24f0b48a481a8cf2e46059d8238a283ddc1c13
opensc_project/opensc
< 0.27.0
Published
May 29, 2026
Tracked Since
May 29, 2026