{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-44711", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-05-07T17:07:09.318Z", "datePublished": "2026-05-27T20:18:46.385Z", "dateUpdated": "2026-05-28T12:47:16.174Z"}, "containers": {"cna": {"title": "pam_usb: Symlink attacks on pad directory and pad files enable authentication bypass and root file corruption", "problemTypes": [{"descriptions": [{"cweId": "CWE-59", "lang": "en", "description": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-287", "lang": "en", "description": "CWE-287: Improper Authentication", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.9, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/mcdope/pam_usb/security/advisories/GHSA-fjpm-p9pj-mp34", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/mcdope/pam_usb/security/advisories/GHSA-fjpm-p9pj-mp34"}], "affected": [{"vendor": "mcdope", "product": "pam_usb", "versions": [{"version": "< 0.8.7", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-05-27T20:18:46.385Z"}, "descriptions": [{"lang": "en", "value": "pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7."}], "source": {"advisory": "GHSA-fjpm-p9pj-mp34", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/uniget-org/cli/security/advisories/GHSA-qqq4-5773-pmw5", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-05-28T12:46:08.589726Z", "id": "CVE-2026-44711", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-28T12:47:16.174Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-44711", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-05-28T12:46:08.589726Z"}}}], "references": [{"url": "https://github.com/uniget-org/cli/security/advisories/GHSA-qqq4-5773-pmw5", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-28T12:41:47.176Z"}}], "cna": {"title": "pam_usb: Symlink attacks on pad directory and pad files enable authentication bypass and root file corruption", "source": {"advisory": "GHSA-fjpm-p9pj-mp34", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.9, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "mcdope", "product": "pam_usb", "versions": [{"status": "affected", "version": "< 0.8.7"}]}], "references": [{"url": "https://github.com/mcdope/pam_usb/security/advisories/GHSA-fjpm-p9pj-mp34", "name": "https://github.com/mcdope/pam_usb/security/advisories/GHSA-fjpm-p9pj-mp34", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-59", "description": "CWE-59: Improper Link Resolution Before File Access ('Link Following')"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287: Improper Authentication"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-05-27T20:18:46.385Z"}}}, "cveMetadata": {"cveId": "CVE-2026-44711", "state": "PUBLISHED", "dateUpdated": "2026-05-28T12:47:16.174Z", "dateReserved": "2026-05-07T17:07:09.318Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-05-27T20:18:46.385Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7."}], "id": "CVE-2026-44711", "lastModified": "2026-05-28T14:16:21.263", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.9, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 5.8, "source": "[email protected]", "type": "Secondary"}]}, "published": "2026-05-27T21:16:18.073", "references": [{"source": "[email protected]", "url": "https://github.com/mcdope/pam_usb/security/advisories/GHSA-fjpm-p9pj-mp34"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/uniget-org/cli/security/advisories/GHSA-qqq4-5773-pmw5"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}, {"lang": "en", "value": "CWE-287"}], "source": "[email protected]", "type": "Secondary"}]}

{}