Libtpms Project Libtpms — known CVE vulnerabilities
Every CVE whose affected-product data names Libtpms Project Libtpms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2021-3746 — CVSS 6.5 (medium): A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by…
CVE-2021-3623 — CVSS 6.1 (medium): A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to…
CVE-2025-49133 — CVSS 5.9 (medium): Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived…
CVE-2021-3569 — CVSS 5.5 (medium): A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could…
CVE-2021-3446 — CVSS 5.5 (medium): A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms with OpenSSL contained a vulnerability…
CVE-2021-3505 — CVSS 5.5 (medium): A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit keys with ~1984 bit strength due to a bug…
CVE-2026-21444 — CVSS 5.5 (medium): libtpms, a library that provides software emulation of a Trusted Platform Module, has a flaw in versions 0.10.0 and 0.10.1. The commonly…