CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-14612

mediumCVSS 4.2covered by 1 sourcefirst seen 2026-07-03
Two off-by-one errors in the FreeIPA ipa-otpd daemon's OAuth2 device authorization handler can cause out-of-bounds memory access when processing an oversized response from a configured external OAuth2/OIDC Identity Provider. An attacker who controls or can man-in-the-middle the IdP endpoint may be able to trigger ipa-otpd to write or read one byte past the end of a fixed-size buffer. Exploitation requires FreeIPA to be configured with an external IdP, attacker control or MITM of that IdP, and a user to initiate the OAuth2 device authorization flow. The most likely impact is limited denial of service affecting the ipa-otpd daemon.

⚡ Watch CVE-2026-14612

Get an email if CVE-2026-14612 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-14612

CVE.org record

Embed the live status

CVE-2026-14612 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-14612 status](https://www.csirts.com/badge/CVE-2026-14612)](https://www.csirts.com/cve/CVE-2026-14612)