openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKMECDHAESKEYWRAP implementation allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key and invoking C_WrapKey. This can lead to heap corruption, or denial-of-service.
{
"cwe_ids": [
"CWE-131"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/22xxx/CVE-2026-22791.json",
"cna_assigner": "GitHub_M"
}{
"cpe": [
"cpe:2.3:a:opencryptoki_project:opencryptoki:3.25.0:*:*:*:*:*:*:*",
"cpe:2.3:a:opencryptoki_project:opencryptoki:3.26.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "3.25.0"
},
{
"last_affected": "3.25.0"
},
{
"introduced": "3.26.0"
},
{
"last_affected": "3.26.0"
}
],
"source": [
"CPE_STRING",
"REFERENCES"
]
}