Yubico
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Yubico product.
RSS Feeds for Yubico security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Yubico products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Yubico Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2026 there have been 2 vulnerabilities in Yubico with an average score of 5.2 out of ten. Last year, in 2025 Yubico had 1 security vulnerability published. That is, 1 more vulnerability have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 5.20 |
| 2025 | 1 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.50 |
| 2022 | 2 | 7.65 |
| 2021 | 6 | 5.80 |
| 2020 | 4 | 7.78 |
| 2019 | 4 | 0.00 |
| 2018 | 3 | 8.20 |
It may take a day or so for new Yubico vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Yubico Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2026-46419 | May 14, 2026 |
Yubico webauthn-server-core 2.8.0-2.8.1: Return-Value Bypass in 2FAYubico webauthn-server-core (aka java-webauthn-server) 2.8.0 before 2.8.2 incorrectly checks a function's return value in the second factor flow, leading to impersonation. |
|
| CVE-2026-40947 | Apr 15, 2026 |
Yubico libfido2 DLL Search Path Vulnerability Before 1.17.0Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path. |
|
| CVE-2025-23013 | Jan 15, 2025 |
pam-u2f v<1.3.1 Local Privilege Escalation via Auth BypassIn Yubico pam-u2f before 1.3.1, local privilege escalation can sometimes occur. This product implements a Pluggable Authentication Module (PAM) that can be deployed to support authentication using a YubiKey or other FIDO compliant authenticators on macOS or Linux. This software package has an issue that allows for an authentication bypass in some configurations. An attacker would require the ability to access the system as an unprivileged user. Depending on the configuration, the attacker may also need to know the user's password. |
Pam U2f
|
| CVE-2023-39908 | Aug 14, 2023 |
YubiHSM 2 SDK PKCS11 Mod Before 2023.01 Memory DisclosureThe PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory. |
Yubihsm 2 Sdk
|
| CVE-2022-24584 | May 11, 2022 |
Incorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with the Yubico OTP validation serverIncorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with the Yubico OTP validation server. The Yubico OTP supposedly creates hardware bound second factor credentials. When a user reprograms the OTP functionality by "writing" it on a token using the Yubico Personalization Tool, they can then upload the new configuration to Yubicos OTP validation servers. NOTE: the vendor disputes this because there is no way for a YubiKey device to prevent a user from deciding that a secret value, which is imported into the device, should also be stored elsewhere |
Otp
|
| CVE-2015-3298 | Mar 30, 2022 |
Yubico ykneo-openpgp before 1.0.10 has a typo in which an invalid PIN can be usedYubico ykneo-openpgp before 1.0.10 has a typo in which an invalid PIN can be used. When first powered up, a signature will be issued even though the PIN has not been validated. |
Ykneo Openpgp
|
| CVE-2021-43399 | Dec 08, 2021 |
The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations receivedThe Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations received from a YubiHSM 2 device. |
Yubihsm 2 Software Development Kit
|
| CVE-2021-31924 | May 26, 2021 |
Yubico pam-u2f before 1.1.1 has a logic issueYubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the application used, could lead to a local PIN bypass. This issue does not allow user presence (touch) or cryptographic signature verification to be bypassed, so an attacker would still need to physically possess and interact with the YubiKey or another enrolled authenticator. If pam-u2f is configured to require PIN authentication, and the application using pam-u2f allows the user to submit NULL as the PIN, pam-u2f will attempt to perform a FIDO2 authentication without PIN. If this authentication is successful, the PIN requirement is bypassed. |
Pam U2f
|
| CVE-2021-32489 | May 10, 2021 |
An issue was discovered in the _send_secure_msg() function of Yubico yubihsm-shell through 2.0.3An issue was discovered in the _send_secure_msg() function of Yubico yubihsm-shell through 2.0.3. The function does not correctly validate the embedded length field of an authenticated message received from the device because response_msg.st.len=8 can be accepted but triggers an integer overflow, which causes CRYPTO_cbc128_decrypt (in OpenSSL) to encounter an undersized buffer and experience a segmentation fault. The yubihsm-shell project is included in the YubiHSM 2 SDK product. |
Yubihsm Shell
|
| CVE-2021-28484 | Apr 14, 2021 |
An issue was discovered in the /api/connector endpoint handler in Yubico yubihsm-connector before 3.0.1 (in YubiHSM SDK before 2021.04)An issue was discovered in the /api/connector endpoint handler in Yubico yubihsm-connector before 3.0.1 (in YubiHSM SDK before 2021.04). The handler did not validate the length of the request, which can lead to a state where yubihsm-connector becomes stuck in a loop waiting for the YubiHSM to send it data, preventing any further operations until the yubihsm-connector is restarted. An attacker can send 0, 1, or 2 bytes to trigger this. |
Yubihsm Connector
|
| CVE-2021-27217 | Mar 04, 2021 |
An issue was discovered in the _send_secure_msg() function of Yubico yubihsm-shell through 2.0.3An issue was discovered in the _send_secure_msg() function of Yubico yubihsm-shell through 2.0.3. The function does not correctly validate the embedded length field of an authenticated message received from the device. Out-of-bounds reads performed by aes_remove_padding() can crash the running process, depending on the memory layout. This could be used by an attacker to cause a client-side denial of service. The yubihsm-shell project is included in the YubiHSM 2 SDK product. |
Yubihsm Shell
|
| CVE-2021-3011 | Jan 07, 2021 |
An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollersAn electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access (and consequently produce a clone). This was demonstrated on the Google Titan Security Key, based on an NXP A7005a chip. Other FIDO U2F security keys are also impacted (Yubico YubiKey Neo and Feitian K9, K13, K21, and K40) as well as several NXP JavaCard smartcards (J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120_M60, J3D082_M60, J2D120_M60, J2D082_M60, J3D081_M59, J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D081_M61_DF, J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66, J3E016_M64, J3E041_M64, J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, J2E082_M65, J3E081_M64_DF, J3E081_M66_DF, J3E041_M66_DF, J3E016_M66_DF, J3E041_M64_DF, and J3E016_M64_DF). |
Yubikey Neo
|
| CVE-2020-24388 | Oct 19, 2020 |
An issue was discovered in the _send_secure_msg() function of yubihsm-shell through 2.0.2An issue was discovered in the _send_secure_msg() function of yubihsm-shell through 2.0.2. The function does not validate the embedded length field of a message received from the device. This could lead to an oversized memcpy() call that will crash the running process. This could be used by an attacker to cause a denial of service. |
Yubihsm Shell
|
| CVE-2020-24387 | Oct 19, 2020 |
An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. The function does not explicitly check the returned session id from the device. An invalid session id would lead to out-of-bounds read and write operations in the session array. This could be used by an attacker to cause a denial of service attack. |
Yubihsm Shell
|
| CVE-2020-10185 | Mar 05, 2020 |
The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTPThe sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP. NOTE: this issue is potentially relevant to persons outside Yubico who operate a self-hosted OTP validation service with a non-default configuration such as an open sync pool; the issue does NOT affect YubiCloud. |
Yubikey One Time Password Validation Server
|
| CVE-2020-10184 | Mar 05, 2020 |
The verify endpoint in YubiKey Validation Server before 2.40 does not check the length of SQL queries, whichThe verify endpoint in YubiKey Validation Server before 2.40 does not check the length of SQL queries, which allows remote attackers to cause a denial of service, aka SQL injection. NOTE: this issue is potentially relevant to persons outside Yubico who operate a self-hosted OTP validation service; the issue does NOT affect YubiCloud. |
Yubikey One Time Password Validation Server
|
| CVE-2019-12210 | Jun 04, 2019 |
In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debug_fileIn Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debug_file, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read from and write to it. This can leak sensitive information and also, if written to, be used to fill the disk or plant misinformation. |
Pam U2f
|
| CVE-2019-12209 | Jun 04, 2019 |
Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile (default $HOME/.config/Yubico/u2f_keys) as root (unless openasuser was enabled), and does not properly verifyYubico pam-u2f 1.0.7 attempts parsing of the configured authfile (default $HOME/.config/Yubico/u2f_keys) as root (unless openasuser was enabled), and does not properly verify that the path lacks symlinks pointing to other files on the system owned by root. If the debug option is enabled in the PAM configuration, part of the file contents of a symlink target will be logged, possibly revealing sensitive information. |
Pam U2f
|
| CVE-2018-20340 | Mar 21, 2019 |
Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflowYubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow. An attacker could use this to attempt to execute malicious code using a crafted USB device masquerading as a security token on a computer where the affected library is currently in use. It is not possible to perform this attack with a genuine YubiKey. |
Libu2f Host
|
| CVE-2019-9578 | Mar 05, 2019 |
In devs.c in Yubico libu2f-host before 1.1.8In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device. |
Libu2f Host
|
| CVE-2018-14780 | Aug 15, 2018 |
An out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 smartcard driverAn out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `_ykpiv_fetch_object()`: {% highlight c %} if(sw == SW_SUCCESS) { size_t outlen; int offs = _ykpiv_get_length(data + 1, &outlen); if(offs == 0) { return YKPIV_SIZE_ERROR; } memmove(data, data + 1 + offs, outlen); *len = outlen; return YKPIV_OK; } else { return YKPIV_GENERIC_ERROR; } {% endhighlight %} -- in the end, a `memmove()` occurs with a length retrieved from APDU data. This length is not checked for whether it is outside of the APDU data retrieved. Therefore the `memmove()` could copy bytes behind the allocated data buffer into this buffer. |
Piv Manager
Piv Tool
Smart Card Minidriver
And others... |
| CVE-2018-14779 | Aug 15, 2018 |
A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driverA buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `ykpiv_transfer_data()`: {% highlight c %} if(*out_len + recv_len - 2 > max_out) { fprintf(stderr, "Output buffer to small, wanted to write %lu, max was %lu.", *out_len + recv_len - 2, max_out); } if(out_data) { memcpy(out_data, data, recv_len - 2); out_data += recv_len - 2; *out_len += recv_len - 2; } {% endhighlight %} -- it is clearly checked whether the buffer is big enough to hold the data copied using `memcpy()`, but no error handling happens to avoid the `memcpy()` in such cases. This code path can be triggered with malicious data coming from a smartcard. |
Piv Manager
Piv Tool
Smart Card Minidriver
And others... |
| CVE-2018-9275 | Apr 04, 2018 |
In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping fileIn check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors). |
Yubico Pam
|