| Package | memcached |
|---|---|
| Version | 1.4.33-1+deb9u3 (stretch), 1.5.6-1.1+deb10u2 (buster) |
| Related CVEs | CVE-2026-47783 CVE-2026-47784 |
Two side-channel attacks were discovered in memcached, an in-memory key/value database store. This could have been used to reveal or extract information about authentication details.
For Debian 10 buster, these problems have been fixed in version 1.5.6-1.1+deb10u2.
For Debian 9 stretch, these problems have been fixed in version 1.4.33-1+deb9u3.
We recommend that you upgrade your memcached packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.