{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22791", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-09T18:27:19.388Z", "datePublished": "2026-01-13T19:06:41.052Z", "dateUpdated": "2026-01-13T19:44:53.120Z"}, "containers": {"cna": {"title": "openCryptoki incorrectly calculates the buffer size in C_WrapKey with CKM_ECDH_AES_KEY_WRAP", "problemTypes": [{"descriptions": [{"cweId": "CWE-131", "lang": "en", "description": "CWE-131: Incorrect Calculation of Buffer Size", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-26f5-3mwq-4wm7", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-26f5-3mwq-4wm7"}, {"name": "https://github.com/opencryptoki/opencryptoki/commit/785d7577e1477d12fbe235554e7e7b24f2de34b7", "tags": ["x_refsource_MISC"], "url": "https://github.com/opencryptoki/opencryptoki/commit/785d7577e1477d12fbe235554e7e7b24f2de34b7"}, {"name": "https://github.com/opencryptoki/opencryptoki/commit/e37e9127deeeb7bf3c3c4d852c594256c57ec3a8", "tags": ["x_refsource_MISC"], "url": "https://github.com/opencryptoki/opencryptoki/commit/e37e9127deeeb7bf3c3c4d852c594256c57ec3a8"}], "affected": [{"vendor": "opencryptoki", "product": "opencryptoki", "versions": [{"version": ">= 3.25.0, <= 3.26.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-13T19:06:41.052Z"}, "descriptions": [{"lang": "en", "value": "openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key and invoking C_WrapKey. This can lead to heap corruption, or denial-of-service."}], "source": {"advisory": "GHSA-26f5-3mwq-4wm7", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-13T19:43:34.611743Z", "id": "CVE-2026-22791", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-13T19:44:53.120Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-22791", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-13T19:43:34.611743Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-13T19:44:48.684Z"}}], "cna": {"title": "openCryptoki incorrectly calculates the buffer size in C_WrapKey with CKM_ECDH_AES_KEY_WRAP", "source": {"advisory": "GHSA-26f5-3mwq-4wm7", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.6, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "opencryptoki", "product": "opencryptoki", "versions": [{"status": "affected", "version": ">= 3.25.0, <= 3.26.0"}]}], "references": [{"url": "https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-26f5-3mwq-4wm7", "name": "https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-26f5-3mwq-4wm7", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/opencryptoki/opencryptoki/commit/785d7577e1477d12fbe235554e7e7b24f2de34b7", "name": "https://github.com/opencryptoki/opencryptoki/commit/785d7577e1477d12fbe235554e7e7b24f2de34b7", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/opencryptoki/opencryptoki/commit/e37e9127deeeb7bf3c3c4d852c594256c57ec3a8", "name": "https://github.com/opencryptoki/opencryptoki/commit/e37e9127deeeb7bf3c3c4d852c594256c57ec3a8", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key and invoking C_WrapKey. This can lead to heap corruption, or denial-of-service."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-131", "description": "CWE-131: Incorrect Calculation of Buffer Size"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-13T19:06:41.052Z"}}}, "cveMetadata": {"cveId": "CVE-2026-22791", "state": "PUBLISHED", "dateUpdated": "2026-01-13T19:44:53.120Z", "dateReserved": "2026-01-09T18:27:19.388Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-01-13T19:06:41.052Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opencryptoki_project:opencryptoki:3.25.0:*:*:*:*:*:*:*", "matchCriteriaId": "0D816F8B-C6E1-47F2-9FE0-546949751FAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:opencryptoki_project:opencryptoki:3.26.0:*:*:*:*:*:*:*", "matchCriteriaId": "A19F0637-CBD9-4902-AFA9-A78584FAACF3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key and invoking C_WrapKey. This can lead to heap corruption, or denial-of-service."}], "id": "CVE-2026-22791", "lastModified": "2026-02-03T18:47:15.253", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-01-13T19:16:26.710", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/opencryptoki/opencryptoki/commit/785d7577e1477d12fbe235554e7e7b24f2de34b7"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/opencryptoki/opencryptoki/commit/e37e9127deeeb7bf3c3c4d852c594256c57ec3a8"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-26f5-3mwq-4wm7"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-131"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "openCryptoki: openCryptoki: Denial of Service and heap corruption via heap buffer overflow", "id": "2429335", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429335"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.6", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "status": "draft"}, "cwe": "CWE-131", "details": ["openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key and invoking C_WrapKey. This can lead to heap corruption, or denial-of-service.", "A flaw was found in openCryptoki, a library for cryptographic operations. A local attacker can exploit a heap buffer overflow vulnerability within the CKM_ECDH_AES_KEY_WRAP implementation. By providing a compressed Elliptic Curve (EC) public key and invoking the C_WrapKey function, the attacker can trigger out-of-bounds writes. This can lead to heap corruption and a denial-of-service (DoS) condition, making the system unavailable."], "name": "CVE-2026-22791", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "opencryptoki", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "opencryptoki", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "opencryptoki", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "opencryptoki", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "opencryptoki", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-01-13T19:06:41Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-22791\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-22791\nhttps://github.com/opencryptoki/opencryptoki/commit/785d7577e1477d12fbe235554e7e7b24f2de34b7\nhttps://github.com/opencryptoki/opencryptoki/commit/e37e9127deeeb7bf3c3c4d852c594256c57ec3a8\nhttps://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-26f5-3mwq-4wm7"], "threat_severity": "Moderate"}

{"analysis": {"en": {"generated_at": "2026-04-18T06:33:20.935677+00:00", "value": {"mitigation_remediation": ["Upgrade opencryptoki to the latest release that includes the buffer\u2011size fix, or apply the vendor patches identified in the official advisories.", "If upgrading is not immediately possible, rebuild the library from source with the patched code committed in the vendor repository to ensure correct buffer size handling.", "When a rapid fix is unavailable, disable or avoid the CKM_ECDH_AES_KEY_WRAP mechanism in your applications, or terminate processes that rely on it until a patched version is deployed."], "summary": {"action": "Patch", "impact": "Out\u2011of\u2011bounds writes that can corrupt the heap, leading to denial of service"}, "threat_synthesis": {"affected_systems": "The vulnerability applies to the opencryptoki project\u2019s opencryptoki library on Linux and AIX. Affected binaries are version 3.25.0 and 3.26.0. No other releases are impacted in the current data set.", "description_and_impact": "openCryptoki, versions 3.25.0 and 3.26.0, includes a heap buffer overflow in the CKM_ECDH_AES_KEY_WRAP implementation of C_WrapKey. When an attacker supplies a compressed elliptic\u2011curve public key and invokes C_WrapKey, the library calculates an incorrect buffer size, causing out\u2011of\u2011bounds writes on the heap. This corruption can destabilize the affected process and may be exploited to crash the host application, which results in a denial\u2011of\u2011service scenario.", "risk_and_exploitability": "The CVSS base score is 6.6, indicating moderate severity. The EPSS score is below 1%, representing a very low expected exploitation probability at present. The flaw is not listed in the CISA Known Exploited Vulnerabilities catalog. Because the bug manifests when a local process invokes C_WrapKey with a crafted key, the attack vector is local privilege, and an attacker would need code execution or the ability to influence the key input for a running process that uses this library. If such conditions are met, the out\u2011of\u2011bounds write could corrupt heap structures and crash the application."}}}}, "created": "2026-01-14T11:08:18.343704+00:00", "updated": "2026-04-18T06:45:23.957853+00:00", "vendors": ["ibm", "ibm$PRODUCT$aix", "linux", "linux$PRODUCT$linux", "opencryptoki_project", "opencryptoki_project$PRODUCT$opencryptoki"]}