Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities by tillitis
CVE-2026-32953 (GCVE-0-2026-32953)
Vulnerability from nvd – Published: 2026-03-20 04:24 – Updated: 2026-03-20 18:08
VLAI
Title
Tillitis: TKey Client has an Error in Protocol Implementation
Summary
Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets (USS) to be silently ignored, producing the same Compound Device Identifier (CDI)—and thus the same key material—as if no USS is provided. This happens because a buffer index error overwrites the USS-enabled boolean with the first byte of the USS digest, so any USS whose hash starts with 0x00 is effectively discarded. This issue has been fixed in version 1.3.0. Users unable to upgrade immediately should switch to a USS whose hash does not begin with a zero byte.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-303 - Incorrect Implementation of Authentication Algorithm
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/tillitis/tkeyclient/security/a… | x_refsource_CONFIRM |
| https://github.com/tillitis/tkeyclient/commit/495… | x_refsource_MISC |
| https://github.com/tillitis/tkeyclient/releases/t… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| tillitis | tkeyclient |
Affected:
< 1.3.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32953",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-20T16:34:24.939980Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T18:08:15.041Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "tkeyclient",
"vendor": "tillitis",
"versions": [
{
"status": "affected",
"version": "\u003c 1.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets (USS) to be silently ignored, producing the same Compound Device Identifier (CDI)\u2014and thus the same key material\u2014as if no USS is provided. This happens because a buffer index error overwrites the USS-enabled boolean with the first byte of the USS digest, so any USS whose hash starts with 0x00 is effectively discarded. This issue has been fixed in version 1.3.0. Users unable to upgrade immediately should switch to a USS whose hash does not begin with a zero byte."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-303",
"description": "CWE-303: Incorrect Implementation of Authentication Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T04:24:12.374Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/tillitis/tkeyclient/security/advisories/GHSA-4w7r-3222-8h6v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tillitis/tkeyclient/security/advisories/GHSA-4w7r-3222-8h6v"
},
{
"name": "https://github.com/tillitis/tkeyclient/commit/4954dccf0287657edf8d405057e134cdff9c59e8",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tillitis/tkeyclient/commit/4954dccf0287657edf8d405057e134cdff9c59e8"
},
{
"name": "https://github.com/tillitis/tkeyclient/releases/tag/v1.3.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tillitis/tkeyclient/releases/tag/v1.3.0"
}
],
"source": {
"advisory": "GHSA-4w7r-3222-8h6v",
"discovery": "UNKNOWN"
},
"title": "Tillitis: TKey Client has an Error in Protocol Implementation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-32953",
"datePublished": "2026-03-20T04:24:12.374Z",
"dateReserved": "2026-03-17T00:05:53.285Z",
"dateUpdated": "2026-03-20T18:08:15.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-32482 (GCVE-0-2024-32482)
Vulnerability from nvd – Published: 2024-04-23 17:38 – Updated: 2024-08-02 02:13
VLAI
Title
Tillitis TKey Signer possible RAM disclosure vulnerability
Summary
The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the TKey’s data in RAM over the USB interface. To exploit the vulnerability an attacker needs to use a custom client application and to touch the TKey. No secret is disclosed. All client applications integrating tkey-device-signer should upgrade to version 1.0.0 to receive a fix. No known workarounds are available.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/tillitis/tkey-device-signer/se… | x_refsource_CONFIRM |
| https://bugbounty.tillitis.se/security-bulletins/… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| tillitis | tkey-device-signer |
Affected:
< 1.0.0
|
|
| tillitis | tkey_device_signer |
Affected:
0 , < 1.0.0
(semver)
cpe:2.3:a:tillitis:tkey_device_signer:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:tillitis:tkey_device_signer:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tkey_device_signer",
"vendor": "tillitis",
"versions": [
{
"lessThan": "1.0.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32482",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-23T19:29:46.894770Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:50:25.582Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:13:39.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p"
},
{
"name": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tkey-device-signer",
"vendor": "tillitis",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the TKey\u2019s data in RAM over the USB interface. To exploit the vulnerability an attacker needs to use a custom client application and to touch the TKey. No secret is disclosed. All client applications integrating tkey-device-signer should upgrade to version 1.0.0 to receive a fix. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-23T17:38:09.614Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p"
},
{
"name": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1",
"tags": [
"x_refsource_MISC"
],
"url": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1"
}
],
"source": {
"advisory": "GHSA-frqc-62hv-379p",
"discovery": "UNKNOWN"
},
"title": "Tillitis TKey Signer possible RAM disclosure vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-32482",
"datePublished": "2024-04-23T17:38:09.614Z",
"dateReserved": "2024-04-12T19:41:51.168Z",
"dateUpdated": "2024-08-02T02:13:39.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-32953 (GCVE-0-2026-32953)
Vulnerability from cvelistv5 – Published: 2026-03-20 04:24 – Updated: 2026-03-20 18:08
VLAI
Title
Tillitis: TKey Client has an Error in Protocol Implementation
Summary
Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets (USS) to be silently ignored, producing the same Compound Device Identifier (CDI)—and thus the same key material—as if no USS is provided. This happens because a buffer index error overwrites the USS-enabled boolean with the first byte of the USS digest, so any USS whose hash starts with 0x00 is effectively discarded. This issue has been fixed in version 1.3.0. Users unable to upgrade immediately should switch to a USS whose hash does not begin with a zero byte.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-303 - Incorrect Implementation of Authentication Algorithm
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/tillitis/tkeyclient/security/a… | x_refsource_CONFIRM |
| https://github.com/tillitis/tkeyclient/commit/495… | x_refsource_MISC |
| https://github.com/tillitis/tkeyclient/releases/t… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| tillitis | tkeyclient |
Affected:
< 1.3.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32953",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-20T16:34:24.939980Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T18:08:15.041Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "tkeyclient",
"vendor": "tillitis",
"versions": [
{
"status": "affected",
"version": "\u003c 1.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets (USS) to be silently ignored, producing the same Compound Device Identifier (CDI)\u2014and thus the same key material\u2014as if no USS is provided. This happens because a buffer index error overwrites the USS-enabled boolean with the first byte of the USS digest, so any USS whose hash starts with 0x00 is effectively discarded. This issue has been fixed in version 1.3.0. Users unable to upgrade immediately should switch to a USS whose hash does not begin with a zero byte."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-303",
"description": "CWE-303: Incorrect Implementation of Authentication Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T04:24:12.374Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/tillitis/tkeyclient/security/advisories/GHSA-4w7r-3222-8h6v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tillitis/tkeyclient/security/advisories/GHSA-4w7r-3222-8h6v"
},
{
"name": "https://github.com/tillitis/tkeyclient/commit/4954dccf0287657edf8d405057e134cdff9c59e8",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tillitis/tkeyclient/commit/4954dccf0287657edf8d405057e134cdff9c59e8"
},
{
"name": "https://github.com/tillitis/tkeyclient/releases/tag/v1.3.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tillitis/tkeyclient/releases/tag/v1.3.0"
}
],
"source": {
"advisory": "GHSA-4w7r-3222-8h6v",
"discovery": "UNKNOWN"
},
"title": "Tillitis: TKey Client has an Error in Protocol Implementation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-32953",
"datePublished": "2026-03-20T04:24:12.374Z",
"dateReserved": "2026-03-17T00:05:53.285Z",
"dateUpdated": "2026-03-20T18:08:15.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-32482 (GCVE-0-2024-32482)
Vulnerability from cvelistv5 – Published: 2024-04-23 17:38 – Updated: 2024-08-02 02:13
VLAI
Title
Tillitis TKey Signer possible RAM disclosure vulnerability
Summary
The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the TKey’s data in RAM over the USB interface. To exploit the vulnerability an attacker needs to use a custom client application and to touch the TKey. No secret is disclosed. All client applications integrating tkey-device-signer should upgrade to version 1.0.0 to receive a fix. No known workarounds are available.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/tillitis/tkey-device-signer/se… | x_refsource_CONFIRM |
| https://bugbounty.tillitis.se/security-bulletins/… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| tillitis | tkey-device-signer |
Affected:
< 1.0.0
|
|
| tillitis | tkey_device_signer |
Affected:
0 , < 1.0.0
(semver)
cpe:2.3:a:tillitis:tkey_device_signer:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:tillitis:tkey_device_signer:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tkey_device_signer",
"vendor": "tillitis",
"versions": [
{
"lessThan": "1.0.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32482",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-23T19:29:46.894770Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:50:25.582Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:13:39.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p"
},
{
"name": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tkey-device-signer",
"vendor": "tillitis",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the TKey\u2019s data in RAM over the USB interface. To exploit the vulnerability an attacker needs to use a custom client application and to touch the TKey. No secret is disclosed. All client applications integrating tkey-device-signer should upgrade to version 1.0.0 to receive a fix. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-23T17:38:09.614Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p"
},
{
"name": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1",
"tags": [
"x_refsource_MISC"
],
"url": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1"
}
],
"source": {
"advisory": "GHSA-frqc-62hv-379p",
"discovery": "UNKNOWN"
},
"title": "Tillitis TKey Signer possible RAM disclosure vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-32482",
"datePublished": "2024-04-23T17:38:09.614Z",
"dateReserved": "2024-04-12T19:41:51.168Z",
"dateUpdated": "2024-08-02T02:13:39.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}