Home / Vulnerability Intelligence / CVE-2026-34227

CVE-2026-34227 - Vulnerability Analysis

N/a

Last Updated: March 31, 2026

Sliver - Remote Code Execution

Published: March 31, 2026Updated: March 31, 2026PoC Available

Overview

Sliver < 1.7.4 contains a remote code execution caused by a malicious link in the custom Wireguard netstack, letting unauthenticated attackers gain silent control over active C2 sessions, exploit requires victim to click a malicious link.

Severity & Score

Severity: N/a

Impact

Unauthenticated attackers can silently control all active C2 sessions, exfiltrate sensitive data, or destroy compromised infrastructure via the operator's browser.

Mitigation

Update to version 1.7.4 or later.

References

https://github.com/BishopFox/sliver/security/advisories/GHSA-6fpf-248c-m7wm

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-34227
Severity: N/a
Type: remote_code_execution
Status: new

CWE

CWE-306

CVSS Metrics

N/A