VYPR
Medium severity6.7OSV Advisory· Published Jan 16, 2026· Updated Apr 15, 2026

CVE-2025-24531

CVE-2025-24531

Description

In OpenSC pam_pkcs11 before 0.6.13, pam_sm_authenticate() wrongly returns PAM_IGNORE in many error situations (such as an error triggered by a smartcard before login), allowing authentication bypass.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.