{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-56766", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-06-22T21:55:17.942Z", "datePublished": "2026-06-25T18:01:07.362Z", "dateUpdated": "2026-06-25T18:34:53.467Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-06-25T18:01:07.362Z"}, "title": "Hydra - Stack Buffer Overflow in NTLM Authentication Handler", "descriptions": [{"lang": "en", "value": "Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an excessively long domain string, causing base64-encoded response data to overflow a 500-byte stack buffer by 18 to 330 bytes, enabling remote code execution on systems without stack protection."}], "tags": ["x_open-source"], "datePublic": "2026-05-19T00:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-121", "description": "Stack-based Buffer Overflow", "type": "CWE"}]}], "affected": [{"vendor": "vanhauser-thc", "product": "thc-hydra", "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "versionType": "custom", "lessThanOrEqual": "9.7"}, {"status": "unaffected", "version": "9cc84c20e75f5fef6bb1790bb9ada2afad2204e2", "versionType": "git"}], "repo": "https://github.com/vanhauser-thc/thc-hydra"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.6, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "version": "3.1", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}}], "references": [{"url": "https://github.com/vanhauser-thc/thc-hydra/commit/9cc84c20e75f5fef6bb1790bb9ada2afad2204e2", "name": "Patch Commit", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/hydra-stack-buffer-overflow-in-ntlm-authentication-handler", "tags": ["third-party-advisory"]}], "credits": [{"lang": "en", "value": "Tristan Madani", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-25T18:33:07.811052Z", "id": "CVE-2026-56766", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-25T18:34:53.467Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-56766", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-06-25T18:33:07.811052Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-25T18:34:29.403Z"}}], "cna": {"tags": ["x_open-source"], "title": "Hydra - Stack Buffer Overflow in NTLM Authentication Handler", "credits": [{"lang": "en", "type": "finder", "value": "Tristan Madani"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.6, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/vanhauser-thc/thc-hydra", "vendor": "vanhauser-thc", "product": "thc-hydra", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "9.7"}, {"status": "unaffected", "version": "9cc84c20e75f5fef6bb1790bb9ada2afad2204e2", "versionType": "git"}], "defaultStatus": "unaffected"}], "datePublic": "2026-05-19T00:00:00.000Z", "references": [{"url": "https://github.com/vanhauser-thc/thc-hydra/commit/9cc84c20e75f5fef6bb1790bb9ada2afad2204e2", "name": "Patch Commit", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/hydra-stack-buffer-overflow-in-ntlm-authentication-handler", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an excessively long domain string, causing base64-encoded response data to overflow a 500-byte stack buffer by 18 to 330 bytes, enabling remote code execution on systems without stack protection."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-06-25T18:01:07.362Z"}}}, "cveMetadata": {"cveId": "CVE-2026-56766", "state": "PUBLISHED", "dateUpdated": "2026-06-25T18:34:53.467Z", "dateReserved": "2026-06-22T21:55:17.942Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-06-25T18:01:07.362Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{}

{"bugzilla": {"description": "hydra: Hydra: Remote Code Execution via NTLM Authentication Stack Buffer Overflow", "id": "2493128", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2493128"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-120", "details": ["A flaw was found in Hydra. A malicious server can exploit a stack buffer overflow vulnerability in the NTLM authentication modules by sending a specially crafted NTLM Type-2 challenge. This can lead to an overflow of a stack buffer, potentially enabling remote code execution on systems that lack stack protection."], "mitigation": {"lang": "en:us", "value": "Ensure your system's built-in security features are active and up to date. These standard protections automatically look for memory errors, causing the application to safely shut down the moment it receives too much data, completely blocking any harmful commands from running."}, "name": "CVE-2026-56766", "public_date": "2026-06-25T18:01:07Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-56766\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-56766\nhttps://github.com/vanhauser-thc/thc-hydra/commit/9cc84c20e75f5fef6bb1790bb9ada2afad2204e2\nhttps://www.vulncheck.com/advisories/hydra-stack-buffer-overflow-in-ntlm-authentication-handler"], "statement": "An important security flaw in the Hydra tool lets a malicious server take control of your computer. For an attack to work, you must be tricked into actively connecting Hydra to the attacker's rigged server. The standard security features built into Red Hat systems act as a safety net, making it very difficult for attackers to actually exploit this issue.", "threat_severity": "Important"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,9.7]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "code_commit", "value": "9cc84c20e75f5fef6bb1790bb9ada2afad2204e2"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "thc-hydra", "source": "cna", "vendor": "vanhauser-thc"}, "product": "thc-hydra", "vendor": "vanhauser-thc"}], "created": "2026-06-25T19:30:15.940224+00:00", "updated": "2026-06-29T14:15:05.312607+00:00", "vendors": ["vanhauser-thc", "vanhauser-thc$PRODUCT$thc-hydra"]}