CVE-2026-44713 | mcdope pam_usb up to 0.8.6 on Linux socket-path src/tmux.c popen TMUX os command injection (GHSA-822m-whrh-vrj8)

Inserito da Angelo Barbosa | Mag 28, 2026 | CVE

A vulnerability categorized as critical has been discovered in mcdope pam_usb up to 0.8.6 on Linux. This vulnerability affects the function popen of the file src/tmux.c of the component socket-path. Executing a manipulation of the argument TMUX can lead to os command injection.

This vulnerability is handled as CVE-2026-44713. It is possible to launch the attack on the local host. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2026-44713 | mcdope pam_usb up to 0.8.6 on Linux socket-path src/tmux.c popen TMUX os command injection (GHSA-822m-whrh-vrj8)

Post correlati

CVE-2024-28537 | Tenda AC18 15.03.05.05 fromNatStaticSetting page stack-based overflow

CVE-2024-1994 | Image Watermark Plugin up to 1.7.3 on WordPress Watermark Modification authorization

CVE-2025-26489 | Infinera MTC-9 up to 22.x XML denial of service

CVE-2024-1587 | Newsmatic Plugin up to 1.3.4 on WordPress newsmatic_filter_posts_load_tab_content information disclosure