Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
openCryptoki Privilege Escalation and Data Exposure
SUSE-SU-2026:0824-1
Summary
An update to openCryptoki is available to prevent attackers from using symlinks to gain higher privileges or access sensitive information. This update is important for organizations using openCryptoki, as it helps protect against unauthorized access and data breaches. To stay secure, update your openCryptoki software as soon as possible.
What to do
- Update opencryptoki to version 3.17.0-150400.4.11.1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | opencryptoki | <= 3.17.0-150400.4.11.1 | 3.17.0-150400.4.11.1 |
Original title
Security update for openCryptoki
Original description
This update for openCryptoki fixes the following issues:
- CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following (bsc#1257116)
- CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following (bsc#1257116)
- https://www.suse.com/support/update/announcement/2026/suse-su-20260824-1/ Vendor Advisory
- https://bugzilla.suse.com/1257116 Third Party Advisory
- https://www.suse.com/security/cve/CVE-2026-23893 URL
Published: 5 Mar 2026 · Updated: 6 Mar 2026 · First seen: 6 Mar 2026