CVE ID :CVE-2026-44713 Published : May 27, 2026, 9:16 p.m. | 2 hours, 15 minutes ago Description :pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/tmux.c reads the user's $TMUX environment variable, splits it on commas, and interpolates the socket-path component directly into a shell command passed to popen(). Because the value is placed inside double-quotes without sanitisation, any value containing