CVE-2026-42483

Name of the Vulnerable Software and Affected Versions hashcat version 7.1.2

Description A heap-based buffer overflow exists in the Kerberos hash parser. The issue occurs within the module hash decode() function across several Kerberos-related modules. It is caused by the account info len variable being calculated from untrusted delimiter positions without upper-bound validation before the data is copied into a fixed-size account info buffer using memcpy(). This can lead to a denial of service or the execution of arbitrary code when processing a specially crafted Kerberos hash file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.