pam_usb CVE-2026-44711

EUVD-2026-32659 HIGH
Improper Link Resolution Before File Access (CWE-59)
2026-05-27 security-advisories@github.com
7.9 (CVSS 3.1)

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Changed
Confidentiality: None
Integrity: High
Availability: High

Lifecycle Timeline

Patch available: May 27, 2026 - 22:04 (EUVD)
Analysis Generated: May 27, 2026 - 21:31 (vuln.today)
CVE Published: May 27, 2026 - 21:16 (nvd)
Description (NVD)

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7.

Analysis (AI)

Symlink-based authentication bypass and file corruption in pam_usb before 0.8.7 lets a local, low-privileged user defeat USB hardware authentication and overwrite root-owned files. By planting symlinks in the pad directory or on individual pad files, an attacker abuses CWE-59 link-following during the one-time-pad rotation that pam_usb performs on login, redirecting privileged file operations. …
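
A defensive sketch of the CWE-59 mitigation for the rotation step described above, added here as an example; it is not pam_usb code and not the 0.8.7 fix. The function name write_pad_nofollow and the file name example.pad are hypothetical.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: replace `name` inside the pad directory `dir_path`
 * with `len` bytes of `data` without following a symlink at the directory
 * or at the pad file. Returns 0 on success, -1 if unsafe or on I/O error. */
int write_pad_nofollow(const char *dir_path, uid_t owner,
                       const char *name, const void *data, size_t len)
{
    struct stat st;
    char tmp[256];
    int rc = -1, fd = -1;

    /* O_NOFOLLOW: fail if the pad directory itself is a symlink. */
    int dfd = open(dir_path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (dfd < 0)
        return -1;
    /* Check the object actually opened (fstat on the fd, not stat on a path). */
    if (fstat(dfd, &st) != 0 || st.st_uid != owner ||
        (st.st_mode & (S_IWGRP | S_IWOTH)))
        goto out;

    /* Write to a fresh temp file: O_EXCL refuses any pre-planted name,
     * a (dangling) symlink included. All lookups are relative to dfd. */
    snprintf(tmp, sizeof tmp, ".%s.%ld.tmp", name, (long)getpid());
    fd = openat(dfd, tmp, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0)
        goto out;
    if (write(fd, data, len) != (ssize_t)len || fsync(fd) != 0) {
        unlinkat(dfd, tmp, 0);
        goto out;
    }
    /* renameat replaces the directory entry; a symlink at `name` is
     * overwritten as an entry, its target is never opened. */
    if (renameat(dfd, tmp, dfd, name) == 0)
        rc = 0;
    else
        unlinkat(dfd, tmp, 0);
out:
    if (fd >= 0)
        close(fd);
    close(dfd);
    return rc;
}

int main(int argc, char **argv)
{   /* usage: prog <pad-dir>; writes a constructed 3-byte pad as the caller */
    return argc == 2 ? -write_pad_nofollow(argv[1], getuid(), "example.pad", "abc", 3) : 2;
}
```

O_NOFOLLOW only guards the final path component, so the path leading to the pad directory must itself be trusted.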

Remediation (AI)

24 hours: Inventory all systems running pam_usb and document version numbers.
7 days: Develop a remediation plan, including the option to temporarily disable pam_usb, implement stricter local access controls, or evaluate alternative USB authentication solutions. …