EUVD-2026-25981CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
6DescriptionNVD
In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.
AnalysisAI
NULL pointer dereference in MIT Kerberos 5 before version 1.22.3 allows unauthenticated remote attackers to trigger denial of service by sending specially crafted messages to systems with NegoEx mechanism registered, causing gss_accept_sec_context() to crash during message parsing. The vulnerability requires high attack complexity due to NegoEx mechanism registration dependency but results in service termination with no authentication required.
Sign in for full analysis, threat intelligence, and remediation guidance.
More from same product – last 7 days
Command injection in the shell-quote npm package allows attackers who can influence object-token inputs to inject arbitr
Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers
Vendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today