CVE-2025-13763
MEDIUM
NVD
CVSS Score
5.7
Severity
MEDIUM
Published
Apr 23, 2026
Vendor
unknown
Description
Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs
References
- https://access.redhat.com/security/cve/CVE-2025-13763
- https://bugzilla.redhat.com/show_bug.cgi?id=2417581
- https://github.com/OpenSC/OpenSC/security/advisories/GHSA-2v44-fq35-98vv
- https://github.com/OpenSC/OpenSC/wiki/CVE-2025-13763
- https://github.com/OpenSC/OpenSC/security/advisories/GHSA-2v44-fq35-98vv