Opensuse Munge vulnerabilities

CVE-2026-25506 [HIGH] CWE-787 CVE-2026-25506: MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daemon) to leak cryptographic key material from process memory. With the leaked key material, the attacker could forge arbitrary MUNGE credentials to imperso

CVE-2019-3691 [HIGH] CWE-59 CVE-2019-3691: A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root. This issue affects: SUSE Linux Enterprise Server 15 munge versions prior to 0.5.13-4.3.1. openSUSE Factory munge versions prior to 0.5.13-6.1.