CVE-2026-8276

CVSS v3.1

3.7

Low

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions bettercap versions prior to 2.41.6

Description A flaw in the MySQL Server component, specifically within the modules/mysql server/mysql server.go file, allows a remote attacker to trigger an integer coercion error. Integer coercion occurs when a value is converted from one data type to another, potentially leading to unexpected behavior or crashes. This attack requires a high level of complexity and is difficult to exploit.

Recommendations Apply patch 0eaa375c5e5446bfba94a290eff92967a5deac9e to resolve the issue. As a temporary workaround, restrict access to the modules/mysql server/mysql server.go module to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-189CWE-192

Related Identifiers

CVE-2026-8276

Affected Products

Ettercap

CVE-2026-8276

Weakness Enumeration

Related Identifiers

Affected Products

References · 10