Important: Red Hat Security Advisory: memcached security update

An update for memcached is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

memcached: memcached: Username enumeration via timing side channel

A flaw was found in memcached. A remote attacker can exploit a timing side channel during Simple Authentication and Security Layer SASL password database authentication. This vulnerability allows an attacker to observe subtle timing differences, which could be used to enumerate valid usernames...

Zimbra Collaboration Suite - Memcached Command Injection

Zimbra Collaboration Suite versions 8.8.15 and 9.0 contain a memcached command injection vulnerability that allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance, leading to cache poisoning and potential credential theft. id: CVE-2022-27924 info: name:...

SUSE SLES15 Security Update : memcached (SUSE-SU-2026:2293-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2293-1 advisory. This update for memcached fixes the following issues - CVE-2026-47783: timing side-channel in SASL password database authentication...

SUSE SLES12 Security Update : memcached (SUSE-SU-2026:2292-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2292-1 advisory. This update for memcached fixes the following issues - CVE-2026-47783: timing side-channel in SASL password database authentication username...

Updated memcached packages fix security vulnerabilities

CVE-2026-47784 In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass. CVE-2026-47783 In memcached before 1.6.42, username data for SASL password database authentication has a timing side...

MGASA-2026-0203 Updated memcached packages fix security vulnerabilities

CVE-2026-47784 In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass. CVE-2026-47783 In memcached before 1.6.42, username data for SASL password database authentication has a timing side...

Security update for memcached

This update for memcached fixes the following issues CVE-2026-47783: timing side-channel in SASL password database authentication username bsc1265873. CVE-2026-47784: timing side-channel in SASL password database authentication password bsc1265881. Patch Instructions: To install this SUSE update...

SUSE-SU-2026:2293-1 Security update for memcached

This update for memcached fixes the following issues - CVE-2026-47783: timing side-channel in SASL password database authentication username bsc1265873. - CVE-2026-47784: timing side-channel in SASL password database authentication password bsc1265881...

Security update for memcached

This update for memcached fixes the following issues CVE-2026-47783: timing side-channel in SASL password database authentication username bsc1265873. CVE-2026-47784: timing side-channel in SASL password database authentication password bsc1265881. Patch Instructions: To install this SUSE update...

SUSE-SU-2026:2292-1 Security update for memcached

This update for memcached fixes the following issues - CVE-2026-47783: timing side-channel in SASL password database authentication username bsc1265873. - CVE-2026-47784: timing side-channel in SASL password database authentication password bsc1265881...

Medium: memcached

Issue Overview: In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by saslserveruserdbcheckpass. CVE-2026-47783 In memcached before 1.6.42, password data for SASL password database...

Amazon Linux 2023 : memcached, memcached-devel, memcached-selinux (ALAS2023-2026-1781)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1781 advisory. In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by...

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: memcached: memcached-1.6.42-0.1.hum1 aarch64, x8664 memcached-devel-1.6.42-0.1.hum1 aarch64, x8664 memcached-selinux-1.6.42-0.1.hum1 noarch memcached-1.6.42-0.1.hum1.src src...

SUSE CVE-2026-45686

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...

CVE-2026-45686

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...

Security update for memcached (important)

openSUSE security update: security update for memcached ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20884-1 Rating: important References: bsc1265873 bsc1265881 Cross-References: CVE-2026-47783 CVE-2026-47784 CVSS scores: CVE-2026-47783 SUSE : 8....

CVE-2026-45686

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...

CVE-2026-45686

OpenTelemetry eBPF Instrumentation contains a remote integer overflow in OBI’s memcached text protocol parser (memcached_detect_transform.go) that can crash the OBI process and cause denial of service. Affected versions are 0.7.0 through before 0.9.0; the parser accepts large values for storage ...

CVE-2026-45686

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...