CVE Catalog

CVE-2026-55706

MediumCVSS 5.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.21%

12th percentile — higher than 12% of all known CVEs

Summary

In OpenBSD before version 076e2b1, there is a vulnerability in the sppp_pap_input function that allows authentication bypass via certain zero values for lengths.

Risk Assessment

Organizations may be exposed to unauthorized access to systems, potentially leading to serious security breaches.

Recommendation

It is recommended to update OpenBSD to the latest version to mitigate this vulnerability.

Original NVD description (English source)

sppp_pap_input in sys/net/if_spppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS