CVE-2026-14476
Last modified
CVE-2026-14476 is a high-severity vulnerability rated 8/10 on the CVSS scale. A path traversal flaw was found in SSSD's AD GPO provider. The ad_gpo_extract_smb_components() function does not sanitize .. EPSS estimates a 0.69% chance of exploitation in the next 30 days.
Description
A path traversal flaw was found in SSSD's AD GPO provider. The ad_gpo_extract_smb_components() function does not sanitize .. sequences in the gPCFileSysPath LDAP attribute, allowing an attacker with AD GPO management access to write files outside the GPO cache directory as root. On default RHEL configurations with SELinux enforcing, this can be used to inject Kerberos configuration leading to authentication bypass.
Metrics
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 | All versions |
| Red Hat | Red Hat Enterprise Linux 6 | All versions |
| Red Hat | Red Hat Enterprise Linux 7 | All versions |
| Red Hat | Red Hat Enterprise Linux 8 | All versions |
| Red Hat | Red Hat Enterprise Linux 9 | All versions |
| Red Hat | Red Hat OpenShift Container Platform 4 | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Awaiting Analysis
Frequently Asked Questions
What is CVE-2026-14476?
How severe is CVE-2026-14476?
How do I fix CVE-2026-14476?
Related CVEs from 2026
- CVE-2026-14461mtr is vulnerable to Out-of-bound read vulnerability in ipin…5.1
- CVE-2026-14468HashiCorp Terraform Enterprise contained an issue in its ver…7.7
- CVE-2026-1447The Mail Mint plugin for WordPress is vulnerable to Cross-Si…5.4
- CVE-2026-14471Improper Neutralization of Special Elements in the metrics-s…8.6
- CVE-2026-14474A flaw was found in SSSD's LDAP sudo provider. When the ldap…8.8
- CVE-2026-14475The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plug…4.9
- CVE-2026-1448A vulnerability was detected in D-Link DIR-615 up to 4.10. T…7.3
- CVE-2026-14482The 多说社会化评论框 plugin for WordPress is vulnerable to Privilege…8.8
- CVE-2026-14487The Simple Coherent Form plugin for WordPress is vulnerable …9.1
- CVE-2026-14489The WHMCS Bridge plugin for WordPress is vulnerable to arbit…8.8
- CVE-2026-1449A flaw has been found in Hisense TransTech Smart Bus Managem…7.3
- CVE-2026-14495The DoLogin Security plugin for WordPress is vulnerable to A…8.8
Are you affected by CVE-2026-14476?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
