| CVE-2026-1709 |
critical |
— |
9.5 |
|
|
|
4mo ago |
Critical: keylime security update |
| CVE-2025-13609 |
high |
— |
8.0 |
|
|
|
6mo ago |
Keylime allows users to register new agents by recycling existing UUIDs when using different TPM devices |
| CVE-2026-6420 |
medium |
6.3 |
6.3 |
|
|
|
29d ago |
Keylime has a hardcoded attestation challenge nonce that allows replay attacks |
| CVE-2023-38201 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: keylime security update |
| CVE-2023-38200 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: keylime security update |
| CVE-2022-3500 |
medium |
— |
5.5 |
|
|
|
4y ago |
Moderate: keylime security update |
| CVE-2023-3674 |
low |
— |
2.5 |
|
|
|
2y ago |
Low: keylime security update |
| CVE-2025-1057 |
unknown |
— |
— |
|
|
|
1y ago |
Keylime registrar is vulnerable to Denial-of-Service attack when updated to version 7.12.0 |
| CVE-2022-1053 |
unknown |
— |
— |
|
|
|
4y ago |
Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows… |
