CVE-2026-39908

Source
https://cve.org/CVERecord?id=CVE-2026-39908
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-39908.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-39908
Published
2026-06-08T16:47:18.702Z
Modified
2026-07-15T01:48:51.681566312Z
Severity
  • 7.1 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
OpenBullet2 0.3.2 NTLMv2 Hash Disclosure via UNC Path Proxy Source
Details

OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application attempts to load proxies from the UNC path, triggering an SMB authentication attempt that discloses the NTLMv2 hash, which can then be relayed or cracked offline.

Database specific
{
    "cna_assigner": "VulnCheck",
    "cwe_ids": [
        "CWE-522"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/39xxx/CVE-2026-39908.json"
}
References

Affected packages

Git / github.com/openbullet/openbullet2

Affected ranges

Type
GIT
Repo
https://github.com/openbullet/openbullet2
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.3.2"
        }
    ]
}

Affected versions

0.*
0.1.0
0.1.1
0.1.10
0.1.11
0.1.12
0.1.13
0.1.14
0.1.15
0.1.16
0.1.17
0.1.18
0.1.19
0.1.2
0.1.20
0.1.21
0.1.22
0.1.23
0.1.24
0.1.25
0.1.26
0.1.27
0.1.28
0.1.3
0.1.4
0.1.5
0.1.6
0.1.7
0.1.8
0.1.9
0.2.0
0.2.1
0.2.2
0.2.3
0.2.4
0.2.5
0.3.0
0.3.0.2586
0.3.1
0.3.1.2631
0.3.1.2637
0.3.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-39908.json"