CVE-2026-32953

EUVD-2026-13545

20.03.2026, 05:16

Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets (USS) to be silently ignored, producing the same Compound Device Identifier (CDI)—and thus the same key material—as if no USS is provided. This happens because a buffer index error overwrites the USS-enabled boolean with the first byte of the USS digest, so any USS whose hash starts with 0x00 is effectively discarded. This issue has been fixed in version 1.3.0. Users unable to upgrade immediately should switch to a USS whose hash does not begin with a zero byte.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.6 MEDIUM	PHYSICAL	LOW	NONE	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Affected Products (NVD)

Vendor	Product	Version
tillitis	tkey_client	𝑥 < 1.3.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

golang-github-tillitis-tkeyclient

forky	1.3.1-1 fixed
sid	1.3.1-1 fixed
trixie	no-dsa

Ubuntu Releases

Ubuntu Product

Codename

golang-github-tillitis-tkeyclient

jammy	dne
noble	dne
questing	needs-triage
resolute	needs-triage

Known Exploits!

https://github.com/tillitis/tkeyclient/security/advisories/GHSA-4w7r-3222-8h6v

Common Weakness Enumeration

CWE-303 - Incorrect Implementation of Authentication Algorithm
The requirements for the software dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.

References

https://github.com/tillitis/tkeyclient/commit/4954dccf0287657edf8d405057e134cdff9c59e8

https://github.com/tillitis/tkeyclient/releases/tag/v1.3.0

https://github.com/tillitis/tkeyclient/security/advisories/GHSA-4w7r-3222-8h6v