{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-66037","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2025-11-21T01:08:02.615Z","datePublished":"2026-03-30T17:01:27.790Z","dateUpdated":"2026-03-30T20:14:39.203Z"},"containers":{"cna":{"title":"OpenSC: Out of Bounds vulnerability","problemTypes":[{"descriptions":[{"cweId":"CWE-125","lang":"en","description":"CWE-125: Out-of-bounds Read","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"PHYSICAL","availabilityImpact":"LOW","baseScore":3.9,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","version":"3.1"}}],"references":[{"name":"https://github.com/OpenSC/OpenSC/security/advisories/GHSA-m58q-rmjm-mmfx","tags":["x_refsource_CONFIRM"],"url":"https://github.com/OpenSC/OpenSC/security/advisories/GHSA-m58q-rmjm-mmfx"},{"name":"https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66037","tags":["x_refsource_MISC"],"url":"https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66037"}],"affected":[{"vendor":"OpenSC","product":"OpenSC","versions":[{"version":"< 0.27.0","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2026-03-30T17:01:27.790Z"},"descriptions":[{"lang":"en","value":"OpenSC is a set of open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzz_pkcs15_reader harness causes OpenSC to perform an out-of-bounds heap read in the X.509/SPKI handling path. Specifically, sc_pkcs15_pubkey_from_spki_fields() allocates a zero-length buffer and then reads one byte past the end of that allocation. \nThis issue has been patched in version 0.27.0."}],"source":{"advisory":"GHSA-m58q-rmjm-mmfx","discovery":"UNKNOWN"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-03-30T20:14:26.757382Z","id":"CVE-2025-66037","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-03-30T20:14:39.203Z"}}]}}