CVE Catalog

CVE-2026-56766

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.47%

37th percentile — higher than 37% of all known CVEs

Summary

Hydra up to version 9.7 contains a stack buffer overflow vulnerability in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules. A malicious server can send a crafted NTLM Type-2 challenge with an excessively long domain string, causing buffer overflow and enabling remote code execution.

Risk Assessment

This vulnerability poses a serious risk to organizations as it allows for remote code execution on systems without stack protection. This could lead to an attacker gaining control over the system.

Recommendation

It is recommended to upgrade to Hydra version 9.8 or later to mitigate this vulnerability. Additionally, implementing stack protection mechanisms is advisable to minimize the risk of buffer overflow.

Original NVD description (English source)

Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an excessively long domain string, causing base64-encoded response data to overflow a 500-byte stack buffer by 18 to 330 bytes, enabling remote code execution on systems without stack protection.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS