Critical Memcached SASL Vulnerability Fixed in Version 1.6.42

Memcached 1.6.42 addresses two critical SASL timing side-channel vulnerabilities (CVE-2026-47783, CVE-2026-47784) that permit username enumeration and byte-wise password guessing; administrators are urged to upgrade immediately. The release also fixes several stability and security issues including a signed overflow in the binary protocol, authentication reload data races, memory underreads, and core crashes.