THREATOPS
THREAT OPSThreat News › [NVD] CVE-2026-2100 (MEDIUM 5.3) — A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialize

[NVD] CVE-2026-2100 (MEDIUM 5.3) — A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialize

lownvdPublished 2026-03-26

CVE-2026-2100 CVSS: 5.3 MEDIUM Published: 2026-03-26T21:17:04.247

A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potentially resulting in a NULL dereference

Indicators of compromise

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-2100