CVE-2026-48829 – Apache GNU SASL NULL Pointer Dereference Vulnerability

CVE ID :CVE-2026-48829

Published : May 24, 2026, 2:22 a.m. | 1 hour, 35 minutes ago

Description :In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…