CVE Catalog
CVE-2026-55706
MediumCVSS 5.8Exploitation Probability (EPSS)
Low risk0.21%
12th percentile — higher than 12% of all known CVEs
Summary
In OpenBSD before version 076e2b1, there is a vulnerability in the sppp_pap_input function that allows authentication bypass via certain zero values for lengths.
Risk Assessment
Organizations may be exposed to unauthorized access to systems, potentially leading to serious security breaches.
Recommendation
It is recommended to update OpenBSD to the latest version to mitigate this vulnerability.
Original NVD description (English source)
sppp_pap_input in sys/net/if_spppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths.

