P11 Kit
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-13757 | mod | 0.40 | 6.2 | — | Jun 23, 2026 | p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing | ||
| CVE-2026-2100 | Med | 0.27 | 5.3 | 0.01 | Mar 26, 2026 | A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an… |
- risk 0.40cvss 6.2epss —
p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing
- risk 0.27cvss 5.3epss 0.01
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an…