Skip to main content

Memcached EUVDEUVD-2026-31065

| CVE-2026-47783 HIGH
Observable Timing Discrepancy (CWE-208)
2026-05-20 mitre GHSA-qjpx-j6j4-8xpr
8.1
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
8.1 HIGH
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
SUSE
HIGH
qualitative
Red Hat
8.1 HIGH
qualitative

Primary rating from Vendor (mitre).

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Patch available
May 20, 2026 - 07:01 EUVD
Source Code Evidence Fetched
May 20, 2026 - 07:00 vuln.today
Analysis Generated
May 20, 2026 - 07:00 vuln.today

DescriptionCVE.org

In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by sasl_server_userdb_checkpass.

AnalysisAI

Observable timing discrepancy in memcached prior to version 1.6.42 enables remote attackers to enumerate valid SASL authentication usernames by measuring response time differences. The vulnerable sasl_server_userdb_checkpass function exits its credential-file loop early upon matching a valid username, producing measurable timing variance between known and unknown accounts. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

CVE-2016-8706 HIGH POC
8.1 Jan 06

An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of

CVE-2016-8704 CRITICAL POC
9.8 Jan 06

An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multipl

CVE-2016-8705 CRITICAL POC
9.8 Jan 06

Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple com

CVE-2022-26635 CRITICAL POC
9.8 Apr 05

PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. R

CVE-2017-9951 HIGH POC
7.5 Jul 17

The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of ser

CVE-2020-10931 HIGH POC
7.5 Mar 24

Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary pr

CVE-2019-11596 HIGH POC
7.5 Apr 29

In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. Rated hi

CVE-2018-1000115 HIGH POC
7.5 Mar 05

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vuln

CVE-2023-46853 CRITICAL
9.8 Oct 27

In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used inste

CVE-2023-46852 HIGH
7.5 Oct 27

In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many

CVE-2019-15026 HIGH
7.5 Aug 30

memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c. Rated hi

CVE-2018-1000127 HIGH
7.5 Mar 13

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in d

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Server Applications 15 SP7 Fixed
SUSE Linux Enterprise Server 15 SP7 Fixed
SUSE Linux Enterprise Server 16.0 Fixed
SUSE Linux Enterprise Server 16.1 Fixed

Share

EUVD-2026-31065 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy