By vendor
Trustedfirmware vulnerabilities
Known CVEs affecting Trustedfirmware products, prioritized by severity, with SEC.co remediation and detection guidance.
1 published vulnerability
- CVE-2026-40290HIGH 7.8
OP-TEE is a trusted execution environment that provides a secure processing space on Arm-based processors. A race condition in OP-TEE versions 3.16.0 through 4.10.x creates a use-after-free vulnerability in the shared memory management code. The vulnerability occurs when OP-TEE is configured to manage secure partitions (a specific operational mode). A local user could exploit this by timing concurrent operations on shared memory to cause the system to access memory that has already been freed, potentially compromising the confidentiality, integrity, or availability of the secure environment.