CVE-2025-13763

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

5.7 / 10

Vector String

                                        CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H                                    

Vulnerability Description

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs

Vulnerability Details

Published Date

April 23, 2026

Last Modified

April 24, 2026

CWE ID

CWE-457

Source

NVD

Vendor

OpenSC, Red Hat

Product

OpenSC, Red Hat Enterprise Linux 10, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9

External References

https://access.redhat.com/security/cve/CVE-2025-13763
https://bugzilla.redhat.com/show_bug.cgi?id=2417581
https://github.com/OpenSC/OpenSC/security/advisories/GHSA-2v44-fq35-98vv
https://github.com/OpenSC/OpenSC/wiki/CVE-2025-13763

CVE-2025-13763

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment