Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-12610

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of service that disrupts authentication. This vulnerability also presents a potential for privilege escalation, although it is difficult to exploit.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 5.1%
CVSS Severity
CVSS v3 Score 6.4
Products affected by CVE-2026-12610


Contact Us

Shodan ® - All rights reserved