YSA-2026-02 | Yubico

A security update is available for the Yubico open-source software project webauthn-server-core to resolve a user impersonation vulnerability. No Yubico hardware is affected. In specific implementations, an attacker that has an existing account with a relying party RP can authenticate as a target...

Yubico YubiHSM Shell Installed (Linux)

Binary data yubicoyubihsmshellnixinstalled.nbin...

UBUNTU-CVE-2025-23013

In Yubico pam-u2f before 1.3.1, local privilege escalation can sometimes occur. This product implements a Pluggable Authentication Module PAM that can be deployed to support authentication using a YubiKey or other FIDO compliant authenticators on macOS or Linux. This software package has an issue...

Yubico pam-u2f 安全漏洞

Yubico pam-u2f is a pluggable authentication module for U2F and FIDO2 from Yubico. A security vulnerability exists in Yubico pam-u2f versions prior to 1.3.1 that stems from allowing authentication to be bypassed in certain configurations, where local elevation of privilege may occur...

Yubico YubiKey 安全漏洞

Yubico YubiKey is a hardware authentication device from the Swedish company Yubico. A security vulnerability exists in the Yubico YubiKey Manager GUI version prior to 1.2.6, which stems from the presence of an elevation of privilege vulnerability...

Yubico ykneo-openpgp 数据伪造问题漏洞

Yubico ykneo-openpgp is an open source security product from the Swedish company Yubico. It implements the OpenPGP card functionality used on YubiKey NEO devices sold by Yubico. A data forgery issue vulnerability exists in versions prior to Yubico ykneo-openpgp 1.0.10. The vulnerability stems fro...