CVE-2026-44711
Deferred - Pending Action
Authentication Bypass in pam_usb via Symlink Attacks

Publication date: 2026-05-27

Last updated on: 2026-05-28

Assigner: GitHub, Inc.

Description
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7.
Meta Information
Published: 2026-05-27
Last Modified: 2026-05-28
Generated: 2026-06-17
AI Q&A: 2026-05-28
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Showing 2 associated CPEs

| Vendor | Product | Version / Range |
|---|---|---|
| uniget-org | cli | up to 0.27.0 (inclusive) |
| uniget-org | pam_usb | up to 0.8.7 (exclusive) |
| CWE ID | Description |
|---|---|
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
| CWE-59 | The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. |
Executive Summary

The vulnerability exists in pam_usb, a tool that provides hardware authentication for Linux using ordinary removable media. Prior to version 0.8.7, attackers could perform symlink attacks on the pad directory and pad files. These attacks enable authentication bypass and allow corruption of root files.

Impact Analysis

This vulnerability can allow an attacker to bypass authentication mechanisms, potentially gaining unauthorized access. Additionally, it can lead to corruption of root files, which may compromise system integrity and availability.

Mitigation Strategies

To mitigate this vulnerability, upgrade pam_usb to version 0.8.7 or later, where the symlink attack issue enabling authentication bypass and root file corruption has been fixed.

Compliance Impact

CVE-2026-44711 affects pam_usb by enabling authentication bypass and root file corruption through symlink attacks. This can lead to unauthorized access and potential compromise of system integrity and availability.

Such unauthorized access and integrity violations could impact compliance with common standards and regulations like GDPR and HIPAA, which require strict access controls and protection of sensitive data.

Specifically, the ability to bypass authentication and corrupt root files may lead to exposure or alteration of protected information, violating requirements for data confidentiality, integrity, and availability.

Therefore, until patched (in version 0.8.7), systems using vulnerable versions of pam_usb may be at risk of non-compliance with these regulations.

Detection Guidance

CVE-2026-44711 affects pam_usb versions prior to 0.8.7 by allowing symlink attacks on pad directories and pad files, enabling authentication bypass and root file corruption.

To detect this vulnerability on your system, you should first verify the installed version of pam_usb and check if it is older than 0.8.7.

  • Check the installed pam_usb version: `pam_usb --version` or check package manager info, e.g., `dpkg -l | grep pam_usb` or `rpm -qi pam_usb`.
  • Inspect the pad directory and pad files for suspicious symlinks that could be exploited. For example, run `find /path/to/pad_directory -type l -ls` to list symbolic links.
  • Use `lstat` or tools that do not follow symlinks to verify if any pad files or directories are symlinks pointing to unexpected locations.
  • Check for unexpected modifications or corruption of root-owned files that could indicate exploitation.

Since the vulnerability involves symlink attacks and improper file handling, monitoring filesystem changes and symlink creations in the pad directory can help detect exploitation attempts.
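The symlink inspection steps above can be scripted so that nothing is followed during the audit. This is an added example, not pam_usb's own code: the pad directory path, the `.pad` file names and the `expected_uid` ownership check are assumptions, and the demo tree is constructed.

```python
import os
import stat
import sys
import tempfile


def audit_pad_tree(pad_dir, expected_uid):
    """List (path, finding) pairs to review; lstat() only, links are never followed."""
    try:
        top = os.lstat(pad_dir)
    except FileNotFoundError:
        return [(pad_dir, "missing")]
    if stat.S_ISLNK(top.st_mode):
        # Do not descend: whatever is behind the link is not the pad directory.
        return [(pad_dir, "pad directory is a symlink -> " + os.readlink(pad_dir))]
    if not stat.S_ISDIR(top.st_mode):
        return [(pad_dir, "not a directory")]
    findings = []
    if top.st_uid != expected_uid:  # ownership expectation is an assumption
        findings.append((pad_dir, f"owned by uid {top.st_uid}, expected {expected_uid}"))
    # os.walk lists symlinks in dirs/files but does not descend into linked directories.
    for root, dirs, files in os.walk(pad_dir):
        for name in sorted(dirs + files):
            path = os.path.join(root, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                findings.append((path, "symlink -> " + os.readlink(path)))
            elif not (stat.S_ISREG(st.st_mode) or stat.S_ISDIR(st.st_mode)):
                findings.append((path, "unexpected file type"))
            elif st.st_uid != expected_uid:
                findings.append((path, f"owned by uid {st.st_uid}, expected {expected_uid}"))
    return findings


def demo():
    """Audit a constructed pad tree holding one regular file and one symlink."""
    with tempfile.TemporaryDirectory() as tmp:
        pad = os.path.join(tmp, "pads")
        os.mkdir(pad)
        with open(os.path.join(pad, "host.device.pad"), "w") as f:
            f.write("constructed sample pad\n")
        # Constructed finding: a pad file name that is really a link elsewhere.
        os.symlink("/etc/hostname", os.path.join(pad, "other.device.pad"))
        return [(os.path.relpath(p, tmp), why) for p, why in audit_pad_tree(pad, os.getuid())]


if __name__ == "__main__":
    rows = audit_pad_tree(sys.argv[1], os.getuid()) if len(sys.argv) > 1 else demo()
    print("\n".join(f"{p}: {why}" for p, why in rows))
```

Run it with the pad directory as the only argument to audit a real tree as the current user; with no argument it audits the constructed demo tree.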
