CVE-2026-47783

In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by sasl_server_userdb_checkpass.

More information : https://github.com/memcached/memcached/commit/d13f282b4bce33a9c33b8a1bbf07f12114160fed