CVE-2026-32953
CVE-2026-32953 is a medium-severity vulnerability in Tillitis Tkey Client with a CVSS 3.x base score of 4.6. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-303.
Key facts
- Severity: Medium (CVSS 3.x base score 4.6)
- CVSS v4: 4.7
- EPSS exploit prediction: 0% (16th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2026-13545
- Weakness: CWE-303
- Affected product: Tillitis Tkey Client
- Published:
- Last modified:
Description
Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets (USS) to be silently ignored, producing the same Compound Device Identifier (CDI)—and thus the same key material—as if no USS is provided. This happens because a buffer index error overwrites the USS-enabled boolean with the first byte of the USS digest, so any USS whose hash starts with 0x00 is effectively discarded. This issue has been fixed in version 1.3.0. Users unable to upgrade immediately should switch to a USS whose hash does not begin with a zero byte.
Frequently asked questions
- What is CVE-2026-32953?
- Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets (USS) to be silently ignored, producing the same Compound Device Identifier (CDI)—and thus the same key material—as if no USS is provided. This happens because a buffer index error overwrites the USS-enabled boolean with the first byte of the USS digest, so any USS whose hash starts with 0x00 is effectively discarded. This issue has been fixed in version 1.3.0. Users unable to upgrade immediately should switch to a USS whose hash does not begin with a zero byte.
- How severe is CVE-2026-32953?
- CVE-2026-32953 has a CVSS 3.x base score of 4.6, rated medium severity. It is exploitable over physical access with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity high, and availability none.
- Is CVE-2026-32953 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (16th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2026-32953?
- CVE-2026-32953 affects Tillitis Tkey Client. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2026-32953?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2026-32953 have an EU (EUVD) identifier?
- Yes. CVE-2026-32953 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2026-13545.
- When was CVE-2026-32953 published?
- CVE-2026-32953 was published on 2026-03-20 and last updated on 2026-06-17.
References
- https://github.com/tillitis/tkeyclient/commit/4954dccf0287657edf8d405057e134cdff9c59e8
- https://github.com/tillitis/tkeyclient/releases/tag/v1.3.0
- https://github.com/tillitis/tkeyclient/security/advisories/GHSA-4w7r-3222-8h6v
Affected products (1)
- cpe:2.3:a:tillitis:tkey_client:*:*:*:*:*:go:*:*
Other CWE-303 vulnerabilities
- CVE-2025-13390 — Critical (CVSS 10.0): The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including,…
- CVE-2025-12421 — Critical (CVSS 9.9): Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to to verify that…
- CVE-2025-12419 — Critical (CVSS 9.9): Mattermost versions 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12, 11.0.x <= 11.0.3 fail to properly…
- CVE-2025-66489 — Critical (CVSS 9.8): Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker…
- CVE-2025-21311 — Critical (CVSS 9.8): Windows NTLM V1 Elevation of Privilege Vulnerability
- CVE-2024-10127 — Critical (CVSS 9.8): Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of…