{"api_version":"1","generated_at":"2026-05-28T16:29:35+00:00","cve":"CVE-2026-44711","urls":{"html":"https://cve.report/CVE-2026-44711","api":"https://cve.report/api/cve/CVE-2026-44711.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-44711","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-44711"},"summary":{"title":"pam_usb: Symlink attacks on pad directory and pad files enable authentication bypass and root file corruption","description":"pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7.","state":"PUBLISHED","assigner":"GitHub_M","published_at":"2026-05-27 21:16:18","updated_at":"2026-05-28 14:16:21"},"problem_types":["CWE-59","CWE-287","CWE-59 CWE-59: Improper Link Resolution Before File Access ('Link Following')","CWE-287 CWE-287: Improper Authentication"],"metrics":[{"version":"3.1","source":"security-advisories@github.com","type":"Secondary","score":"7.9","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H","baseScore":7.9,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"7.9","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.9,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H","version":"3.1"}}],"references":[{"url":"https://github.com/mcdope/pam_usb/security/advisories/GHSA-fjpm-p9pj-mp34","name":"https://github.com/mcdope/pam_usb/security/advisories/GHSA-fjpm-p9pj-mp34","refsource":"security-advisories@github.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/uniget-org/cli/security/advisories/GHSA-qqq4-5773-pmw5","name":"https://github.com/uniget-org/cli/security/advisories/GHSA-qqq4-5773-pmw5","refsource":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-44711","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44711","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"mcdope","product":"pam_usb","version":"affected < 0.8.7","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-44711","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-05-28T12:46:08.589726Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-05-28T12:47:16.174Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"references":[{"tags":["exploit"],"url":"https://github.com/uniget-org/cli/security/advisories/GHSA-qqq4-5773-pmw5"}],"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"product":"pam_usb","vendor":"mcdope","versions":[{"status":"affected","version":"< 0.8.7"}]}],"descriptions":[{"lang":"en","value":"pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.9,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-59","description":"CWE-59: Improper Link Resolution Before File Access ('Link Following')","lang":"en","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-287","description":"CWE-287: Improper Authentication","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-05-27T20:18:46.385Z","orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M"},"references":[{"name":"https://github.com/mcdope/pam_usb/security/advisories/GHSA-fjpm-p9pj-mp34","tags":["x_refsource_CONFIRM"],"url":"https://github.com/mcdope/pam_usb/security/advisories/GHSA-fjpm-p9pj-mp34"}],"source":{"advisory":"GHSA-fjpm-p9pj-mp34","discovery":"UNKNOWN"},"title":"pam_usb: Symlink attacks on pad directory and pad files enable authentication bypass and root file corruption"}},"cveMetadata":{"assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","assignerShortName":"GitHub_M","cveId":"CVE-2026-44711","datePublished":"2026-05-27T20:18:46.385Z","dateReserved":"2026-05-07T17:07:09.318Z","dateUpdated":"2026-05-28T12:47:16.174Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-27 21:16:18","lastModifiedDate":"2026-05-28 14:16:21","problem_types":["CWE-59","CWE-287","CWE-59 CWE-59: Improper Link Resolution Before File Access ('Link Following')","CWE-287 CWE-287: Improper Authentication"],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H","baseScore":7.9,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":5.8}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"44711","Ordinal":"1","Title":"pam_usb: Symlink attacks on pad directory and pad files enable a","CVE":"CVE-2026-44711","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"44711","Ordinal":"1","NoteData":"pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7.","Type":"Description","Title":"pam_usb: Symlink attacks on pad directory and pad files enable a"}]}}}