Every CVE whose affected-product data names Canonical Authd, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2024-9313 — CVSS 8.8 (high): Authd PAM module before version 0.3.5 can allow broker-managed users to impersonate any other user managed by the same broker and perform…
CVE-2025-5689 — CVSS 8.5 (high): A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user login for the first time will be…
CVE-2024-9312 — CVSS 7.5 (high): Authd, through version 0.3.6, did not sufficiently randomize user IDs to prevent collisions. A local attacker who can register user names…