openCryptoki is a PKCS#11 library and tools for Linux and AIX. In versions 3.25.0 and 3.26.0, a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key and invoking C_WrapKey. This can lead to heap corruption or denial of service.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/22xxx/CVE-2026-22791.json",
"cna_assigner": "GitHub_M",
"cwe_ids": [
"CWE-131"
]
}[
{
"id": "CVE-2026-22791-ab0097b5",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/e37e9127deeeb7bf3c3c4d852c594256c57ec3a8",
"target": {
"file": "usr/lib/common/mech_ec.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"226477995178739894609747281148978231141",
"90582510409175925441890423162824805649",
"312040314689345286489358660949362564935",
"4963154249892905667818814212711724135",
"319784867578471114566398209225041860996",
"11850901699426370992076550726845382058",
"245630710661004154871949829406654311185",
"198549139072610798345178231600191831625",
"304918089966536043204796381273153575593",
"271663136754466977308943617290000196341",
"51180500979305882467950678184769479303",
"272901249383304781112554343596231118946",
"265942702912718186905788058304296951797",
"254595667723479315873100659991366688541",
"149186101120539004144257338613389492735",
"256307837297491195850591919973796748588",
"133597811745810610737371631617388622530",
"227545471864423048252211748479531583904",
"44717050646128655830850863379594588733",
"9063586468038997097252819990760266172",
"54710517467226751563252007790750601476",
"336588038692614644934088607933890017794",
"109968421720439245208155981641120722605",
"288016549328721859344315098306975709880",
"156443257410496777152554369453495840434",
"218472382166509017487003521631771790146",
"41881049883270416230384799389929366288",
"131093696008111627277357666258541434633",
"79813566258645363386565427794014645458",
"285289959971436275543783131575115783731",
"73008816575143904149649613864506990944",
"121328953299251612404915873139531678200",
"140983407937943147380031504335962912042",
"54611718602689574943986319481941841729",
"149482236436839880211814980980821143698",
"308419704755883732229334929897371358659"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2026-22791-e058ce81",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/e37e9127deeeb7bf3c3c4d852c594256c57ec3a8",
"target": {
"function": "ecdh_aes_key_wrap",
"file": "usr/lib/common/mech_ec.c"
},
"digest": {
"length": 6212.0,
"function_hash": "260597570153548620921498641410558710071"
},
"signature_type": "Function"
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-22791.json"