📦 Keylime

Name: Keylime
Author: Keylime

by Keylime

🔍 What is Keylime?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2026-1709

CRITICAL CVSS 9.4 Feb 6, 2026

Keylime versions 7.12.0 and later have a critical authentication bypass vulnerability where the registrar fails to enforce client-side TLS certificate authentication. This allows unauthenticated netwo...

CVE-2022-1053

CRITICAL CVSS 9.1 May 6, 2022

This vulnerability in Keylime allows an attacker to bypass TPM-based hardware attestation by using mismatched attestation key (AK) and endorsement key (EK) pairs. Attackers can present a real TPM's EK...

CVE-2021-3406

CRITICAL CVSS 9.8 Feb 25, 2021

CVE-2021-3406 is a critical vulnerability in Keylime versions 5.8.1 and older that breaks the cryptographic chain of trust from hardware endorsement keys to agent attestations. This allows attackers t...

CVE-2023-38200

HIGH CVSS 7.5 Jul 24, 2023

This vulnerability in Keylime's registrar component allows remote attackers to cause a denial of service by exhausting all available SSL connections due to their blocking nature. It affects systems ru...