CVE-2026-29781

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-29781

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-29781.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-29781

Aliases

Downstream

SUSE-SU-2026:1042-1

Related

SUSE-SU-2026:1042-1

Published

2026-03-07T15:25:23.698Z

Modified

2026-04-10T05:41:40.986203Z

Severity

2.1 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator

Summary

Sliver: Authenticated Nil-Pointer Dereference in Handlers

Details

Sliver is a command and control framework that uses a custom Wireguard netstack. In versions from 1.7.3 and prior, a vulnerability exists in the Sliver C2 server's Protobuf unmarshalling logic due to a systemic lack of nil-pointer validation. By extracting valid implant credentials and omitting nested fields in a signed message, an authenticated actor can trigger an unhandled runtime panic. Because the mTLS, WireGuard, and DNS transport layers lack the panic recovery middleware present in the HTTP transport, this results in a global process termination. While requiring post-authentication access (a captured implant), this flaw effectively acts as an infrastructure "kill-switch," instantly severing all active sessions across the entire fleet and requiring a manual server restart to restore operations. At time of publication, there are no publicly available patches.

Database specific

{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-476"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/29xxx/CVE-2026-29781.json"
}

References

Affected packages

Git / github.com/bishopfox/sliver

Affected ranges

Type

GIT

Repo

https://github.com/bishopfox/sliver

Events

Introduced

Last affected

3bbaf805104dcc4a75414ee0084e8de50702cad4

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.7.3"
        }
    ]
}

Affected versions

v0.*

v0.0.1-alpha

v0.0.2-alpha

v0.0.3-alpha

v0.0.6-alpha

v1.*

v1.0.0-beta

v1.0.2-beta

v1.0.3-beta

v1.0.6-beta

v1.0.7-beta

v1.0.8-beta

v1.1.0

v1.1.1

v1.2.0

v1.2.1

v1.3.0

v1.3.1

v1.4.0

v1.4.1

v1.4.10

v1.4.12

v1.4.13

v1.4.14

v1.4.15

v1.4.16

v1.4.17

v1.4.18

v1.4.19

v1.4.2

v1.4.20

v1.4.21

v1.4.3

v1.4.4

v1.4.5

v1.4.6

v1.4.7

v1.4.8

v1.4.9

v1.5.0

v1.5.1

v1.5.10

v1.5.11

v1.5.12

v1.5.13

v1.5.14

v1.5.15

v1.5.16

v1.5.17

v1.5.18

v1.5.19

v1.5.2

v1.5.20

v1.5.21

v1.5.22

v1.5.23

v1.5.24

v1.5.25

v1.5.26

v1.5.27

v1.5.28

v1.5.29

v1.5.3

v1.5.30

v1.5.4

v1.5.5

v1.5.6

v1.5.7

v1.5.8

v1.5.9

v1.6.0

v1.6.1

v1.6.10

v1.6.11

v1.6.2

v1.6.3

v1.6.4

v1.6.5

v1.6.6

v1.6.7

v1.6.8

v1.6.9

v1.7.0

v1.7.1

v1.7.2

v1.7.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-29781.json"