CVE-2025-13763 MEDIUM

CVE-2025-13763: Libopensc: opensc: multiple uses of uninitialized variable

Vendor Opensc
Product OpenSC
Published April 23, 2026
Last update June 30, 2026

CVSS base score

5.7/10
Attack vector Physical
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

What the vulnerability does

01Description

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs

Key dates

02Disclosure timeline

April 23, 2026 CVE published
June 30, 2026 Record updated