{“lastseen”:””,”description”:”pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7.”,”published”:”2026-05-27T20:18:46.385Z”,”modified”:”2026-05-27T20:18:46.385Z”,”type”:”cve”,”title”:”pam_usb: Symlink attacks on pad directory and pad files enable authentication bypass and root file corruption”,”source”:”GitHub_M”,”references”:”https:\/\/github.com\/mcdope\/pam_usb\/security\/advisories\/GHSA-fjpm-p9pj-mp34″,”id”:”CVE-2026-44711″,”bulletinFamily”:””,”cwe”:[“CWE-59″,”CWE-287″],”cvelist”:null,”sourceData”:”mcdope pam_usb \\u003c 0.8.7″,”sourceHref”:””,”cvss”:{“score”:7.9,”severity”:”HIGH”,”vector”:”CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:R\/S:C\/C:N\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”pam_usb”,”version”:”\\u003c 0.8.7″,”vendor”:”mcdope”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,151,12,15,13,7,11,5],"class_list":["post-57641","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-79","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n