CVE-2026-57915
HighCVSS 7.3Exploitation Probability (EPSS)
Low risk24th percentile — higher than 24% of all known CVEs
Summary
A vulnerability in Apache Kerby allows bypassing the Kerberos pre-authentication check by sending a PA-DATA with an unrecognized or unsupported type. An attacker can gain access without proper authentication.
Risk Assessment
The organization is at risk of unauthorized access to Kerberos-protected systems, potentially leading to data confidentiality and integrity breaches.
Recommendation
Upgrade Apache Kerby to version 2.1.2 immediately, which includes a fix for this vulnerability.
Original NVD description (English source)
It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA with an unrecognized or unsupported type. Users are recommended to upgrade to version 2.1.2, which fixes this issue.

