NULL Pointer Dereference in MIT Kerberos 5 Affects Unix Systems
CVE-2026-40355

5.9MEDIUM

Key Information:

Vendor: Mit
Status: Kerberos 5
Vendor: CVE Published:; 28 April 2026

What is CVE-2026-40355?

A vulnerability in MIT Kerberos 5 prior to version 1.22.3 allows an unauthenticated remote attacker to exploit a NULL pointer dereference when calling gss_accept_sec_context(). This issue arises in systems using a NegoEx mechanism registered in the /etc/gss/mech file. An attacker can trigger the problem, resulting in a termination of the process during the parse_nego_message phase.

Affected Version(s)

Kerberos 5 1.18 < 1.22.3

References

https://web.mit.edu/kerberos/advisories/

https://cems.fun/2026/04/27/krb5-two-unauthenticated-netw...

https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc9...

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 28, 2026
Vulnerability Reserved
Apr 11, 2026

CVE-2026-40355 Data

JSON

Mit

What is CVE-2026-40355?

Affected Version(s)

References

CVSS V3.1

Timeline