Home / Vulnerability Intelligence / CVE-2026-32941

CVE-2026-32941 - Vulnerability Analysis

N/a

Last Updated: March 20, 2026

Sliver - Denial of Service

Published: March 20, 2026Updated: March 20, 2026PoC Available

Overview

Sliver <= 1.7.3 contains a remote out-of-memory vulnerability caused by trusting attacker-controlled length prefixes in mTLS and WireGuard transport layers, letting attackers with valid credentials crash the server via memory exhaustion, exploit requires valid credentials.

Severity & Score

Severity: N/a

Impact

Attackers with valid credentials can crash the server causing denial of service and disruption of implant sessions.

Mitigation

Update to the latest version once a fix is available.

References

https://github.com/BishopFox/sliver/security/advisories/GHSA-97vp-pwqj-46qc

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-32941
Severity: N/a
Type: undefined
Status: new

CWE

CWE-770

CVSS Metrics

N/A