CVE-2026-48829
HIGH EPSS 36.3%
Published May 24, 2026 (1mo ago) · Modified Jun 17, 2026 (2w ago)
7.5 CVSS 3.1
Description
In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c.
CVSS Details
Base Score
Exploitability
Impact
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
36.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-476: NULL Pointer Dereference (Memory Safety)
References 5
- codeberg.org https://codeberg.org/gsasl/gsasl/commit/da9b5ae2962b014879e4a406c3b38f25aa70e97a
- lists.debian.org https://lists.debian.org/debian-lts-announce/2026/06/msg00007.html
- lists.debian.org https://lists.debian.org/debian-security-announce/2026/msg00182.html
- lists.gnu.org https://lists.gnu.org/archive/html/help-gsasl/2026-05/msg00000.html
- lists.gnu.org https://lists.gnu.org/archive/html/help-gsasl/2026-05/msg00002.html
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.