CVE-2025-13763

Published: Apr 23, 2026 Last Modified: Apr 24, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,7
Source: [email protected]
Attack Vector: physical
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: none
Availability: high

Description

AI Translation Available

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0002
Percentile
0,1th
Updated

EPSS Score Trend (Last 4 Days)

457

Use of Uninitialized Variable

Draft
Abstraction: Variant Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Integrity Other Authorization
Potential Impacts:
Other
Applicable Platforms
Languages: C, C++, Not Language-Specific, Perl, PHP
Likelihood of Exploit: High
View CWE Details
https://github.com/OpenSC/OpenSC/security/advisories/GHSA-2…
https://github.com/OpenSC/OpenSC/security/advisories/GHSA-2v44-fq35-98vv
https://access.redhat.com/security/cve/CVE-2025-13763
https://access.redhat.com/security/cve/CVE-2025-13763
https://bugzilla.redhat.com/show_bug.cgi?id=2417581
https://bugzilla.redhat.com/show_bug.cgi?id=2417581
https://github.com/OpenSC/OpenSC/security/advisories/GHSA-2…
https://github.com/OpenSC/OpenSC/security/advisories/GHSA-2v44-fq35-98vv
https://github.com/OpenSC/OpenSC/wiki/CVE-2025-13763
https://github.com/OpenSC/OpenSC/wiki/CVE-2025-13763