PT-2026-34821 · Unknown · Go-Ntlmssp

Qmuntal

Published

2026-04-23

Updated

2026-05-22

CVE-2026-32952

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions go-ntlmssp versions prior to 0.1.1

Description A malicious NTLM challenge message can cause a slice out of bounds panic, leading to a crash of any Go process utilizing ntlmssp.Negotiator as an HTTP transport.

Recommendations Update to version 0.1.1.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

CLEANSTART-2026-AX33738

CLEANSTART-2026-BB83999

CLEANSTART-2026-BD19566

CLEANSTART-2026-BN28456

CLEANSTART-2026-CB00984

CLEANSTART-2026-CC08450

CLEANSTART-2026-EP10142

CLEANSTART-2026-GG06672

CLEANSTART-2026-GX87608

CLEANSTART-2026-GZ35045

CLEANSTART-2026-HF07497

CLEANSTART-2026-HK01840

CLEANSTART-2026-JF61842

CLEANSTART-2026-LO63022

CLEANSTART-2026-MI47415

CLEANSTART-2026-MW66533

CLEANSTART-2026-NB83265

CLEANSTART-2026-NS33477

CLEANSTART-2026-OF37807

CLEANSTART-2026-OU18540

CLEANSTART-2026-OX06093

CLEANSTART-2026-PM88731

CLEANSTART-2026-PT56560

CLEANSTART-2026-RZ44006

CLEANSTART-2026-TK12973

CLEANSTART-2026-TX25294

CLEANSTART-2026-UO87758

CLEANSTART-2026-UY49411

CVE-2026-32952

GHSA-PJCQ-XVWQ-HHPJ

OPENSUSE-SU-2026:10672-1

OPENSUSE-SU-2026:10682-1

Affected Products

Go-Ntlmssp

PT-2026-34821 · Unknown · Go-Ntlmssp

CVE-2026-32952

Weakness Enumeration

Related Identifiers

Affected Products

References · 269