EUVD-2026-23135

🗓️ 16 Apr 2026 00:54:04Reported by EUVDType

An unintended dynamic library search path affects Yubico libfido2, python-fido2, and yubikey-manager.

Reporter	Title	Published	Views	Family All 14
ATTACKERKB	CVE-2026-40947	15 Apr 202623:13	–	attackerkb
Circl	CVE-2026-40947	16 Apr 202602:03	–	circl
CNNVD	Yubico多款产品安全漏洞	16 Apr 202600:00	–	cnnvd
CVE	CVE-2026-40947	15 Apr 202623:13	–	cve
Cvelist	CVE-2026-40947	15 Apr 202623:13	–	cvelist
Debian CVE	CVE-2026-40947	15 Apr 202623:13	–	debiancve
NVD	CVE-2026-40947	16 Apr 202600:16	–	nvd
Positive Technologies	PT-2026-33184	15 Apr 202600:00	–	ptsecurity
Snyk	Untrusted Search Path	16 Apr 202600:29	–	snyk
SUSE CVE	SUSE CVE-2026-40947	16 Apr 202623:27	–	susecve

[
  {
    "enisaIdVendor": [
      {
        "id": "1a6b9a13-ed72-3509-bfae-798c0c17ac1c",
        "vendor": {
          "name": "Yubico"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "4d795c72-a45b-3b93-8515-a89143e1d494",
        "product": {
          "name": "libfido2"
        },
        "product_version": "0 <1.17.0"
      },
      {
        "id": "81d5f32b-e42d-340f-800a-7fe136c1ba63",
        "product": {
          "name": "yubikey-manager"
        },
        "product_version": "0 <5.9.1"
      },
      {
        "id": "d86dc150-16d3-3c70-af20-f48118f4a4ae",
        "product": {
          "name": "python-fido2"
        },
        "product_version": "0 <2.2.0"
      }
    ]
  }
]

Source	Link
yubico	www.yubico.com/support/security-advisories/ysa-2026-01/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-40947

16 Apr 2026 00:54Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.12.9

EPSS0.00006