CVE-2026-56968
CVE-2026-56968 affects GNU SASL versions prior to 2.2.4. The NTLM client’s short challenge in the function _gsasl_ntlm_client_step has inadequate sanitization, which can lead to memory disclosure when interacting with a crafted server. Public sources (SUSE, Debian OSV, Ubuntu/Ubuntu-related advis...