CVE-2026-25506
HIGHCVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Lifecycle Timeline
3Description
MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daemon) to leak cryptographic key material from process memory. With the leaked key material, the attacker could forge arbitrary MUNGE credentials to impersonate any user (including root) to services that rely on MUNGE for authentication. The vulnerability allows a buffer overflow by sending a crafted message with an oversized address length field, corrupting munged's internal state and enabling extraction of the MAC subkey used for credential verification. This vulnerability is fixed in 0.5.18.
Analysis
Buffer overflow in MUNGE authentication daemon (versions 0.5 to 0.5.17) allows local attackers to extract cryptographic key material from memory, enabling forgery of credentials to impersonate any user on systems relying on MUNGE for authentication. By sending a crafted message with an oversized address length field, an attacker can corrupt the daemon's internal state and retrieve the MAC subkey used for credential verification. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all systems running MUNGE versions 0.5-0.5.17 and assess which are internet-facing or handle sensitive authentication. Within 7 days: Apply the available vendor patch to all affected systems, prioritizing production authentication infrastructure and systems with high-privilege access. …
Sign in for detailed remediation steps.
Priority Score
Vendor Status
Share
External POC / Exploit Code
Leaving vuln.today