THREAT OPS › Threat News › [NVD] CVE-2026-2100 (MEDIUM 5.3) — A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialize
[NVD] CVE-2026-2100 (MEDIUM 5.3) — A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialize
CVE-2026-2100 CVSS: 5.3 MEDIUM Published: 2026-03-26T21:17:04.247
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potentially resulting in a NULL dereference
Indicators of compromise
- CVE-2026-2100cve
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-2100