Out-of-bounds Read in Identd-ng Pam_authnft

CVE-2026-43916

pam_authnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peer_lookup_tcp (src/peer_lookup.c:134, prior to the fix) allowed a crafted…

Vulnerability class: Buffer Overflow

EPSS: 0.001 (17.6th percentile) — read the EPSS interpretation.