CVE-2026-45686

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...

Security update for memcached (important)

openSUSE security update: security update for memcached ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20884-1 Rating: important References: bsc1265873 bsc1265881 Cross-References: CVE-2026-47783 CVE-2026-47784 CVSS scores: CVE-2026-47783 SUSE : 8....

CVE-2026-45686

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...

CVE-2026-45686 OpenTelemetry eBPF Instrumentation: Memcached payload length overflow can crash OBI

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...

CVE-2026-45686

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...

CVE-2026-45686 OpenTelemetry eBPF Instrumentation: Memcached payload length overflow can crash OBI

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...

EUVD-2026-33959

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...

CVE-2026-45686

OpenTelemetry eBPF Instrumentation contains a remote integer overflow in OBI’s memcached text protocol parser (memcached_detect_transform.go) that can crash the OBI process and cause denial of service. Affected versions are 0.7.0 through before 0.9.0; the parser accepts large values for storage ...

Zimbra Collaboration Suite - Memcached Command Injection

Zimbra Collaboration Suite versions 8.8.15 and 9.0 contain a memcached command injection vulnerability that allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance, leading to cache poisoning and potential credential theft. id: CVE-2022-27924 info: name:...

memcached-1.6.42-1.1 on GA media (moderate)

memcached-1.6.42-1.1 on GA media Announcement ID: openSUSE-SU-2026:10882-1 Rating: moderate Cross-References: CVE-2026-47783 CVE-2026-47784 CVSS scores: CVE-2026-47783 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-47784 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Memcached vulnerabilities (USN-8320-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8320-1 advisory. It was discovered that Memcached's SASL password database authentication had a timing side channel when handling username...

OPENSUSE-SU-2026:10882-1 memcached-1.6.42-1.1 on GA media

These are all security issues fixed in the memcached-1.6.42-1.1 package on the GA media of openSUSE Tumbleweed...

USN-8320-1: Memcached vulnerabilities

It was discovered that Memcached's SASL password database authentication had a timing side channel when handling username and password data. A remote attacker could possibly use this issue to obtain sensitive information...

USN-8320-1 memcached vulnerabilities

It was discovered that Memcached's SASL password database authentication had a timing side channel when handling username and password data. A remote attacker could possibly use this issue to obtain sensitive information...

CVE-2026-47783

A flaw was found in memcached. A remote attacker can exploit a timing side channel during Simple Authentication and Security Layer SASL password database authentication. This vulnerability allows an attacker to observe subtle timing differences, which could be used to enumerate valid usernames...

[SECURITY] [DLA 4601-1] memcached security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4601-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 26, 2026 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...

Debian dla-4601 : memcached - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4601 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4601-1 [email protected]...

CVE-2026-47783 affecting package memcached for versions less than 1.6.27-5

CVE-2026-47783 affecting package memcached for versions less than 1.6.27-5. A patched version of the package is available...

CVE-2026-47784 affecting package memcached for versions less than 1.6.27-5

CVE-2026-47784 affecting package memcached for versions less than 1.6.27-5. A patched version of the package is available...

BIT-MEMCACHED-2026-47784

In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass...