Sign in Get started

← All advisories

Critical severity9.8NVD Advisory· Published Mar 25, 2026· Updated Apr 2, 2026

CVE-2025-70888

CVE-2025-70888

Description

An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to escalate privileges via the osslsigncode.c component

Affected products

1

Osslsigncode Project/Osslsigncode
cpe:2.3:a:osslsigncode_project:osslsigncode:*:*:*:*:*:*:*:*
Range: <=2.10

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

github.com/mtrojnar/osslsigncode/issues/475nvdIssue TrackingThird Party Advisory
github.com/ralphje/signify/issues/60nvdIssue TrackingThird Party Advisory
github.com/mtrojnar/osslsigncode/pull/477nvdIssue Tracking

News mentions

0

No linked articles in our index yet.