High severity8.1NVD Advisory· Published May 20, 2026· Updated May 21, 2026
CVE-2026-47783
CVE-2026-47783
Description
In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by sasl_server_userdb_checkpass.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- osv-coords6 versionspkg:bitnami/memcachedpkg:rpm/almalinux/memcachedpkg:rpm/almalinux/memcached-selinuxpkg:rpm/opensuse/memcached&distro=openSUSE%20Tumbleweedpkg:rpm/suse/memcached&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/memcached&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
< 1.6.42+ 5 more
- (no CPE)range: < 1.6.42
- (no CPE)range: < 1.6.23-7.el10_2.1
- (no CPE)range: < 1.6.23-7.el10_2.1
- (no CPE)range: < 1.6.42-1.1
- (no CPE)range: < 1.6.38-160000.3.1
- (no CPE)range: < 1.6.38-160000.3.1
Patches
Vulnerability mechanics
References
2News mentions
1- ⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and MoreThe Hacker News · Jun 1, 2026