Bishopfox Sliver
8 CVEs affecting Bishopfox Sliver. Latest disclosed: 2026-03-31. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-25791 | High | 7.5 | 2026-02-09 | Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to 1.7.0, the DNS C2 listener accepts unauthenticated TOTP bootstrap mes… |
CVE-2024-41111 | High | 7.2 | 2024-07-18 | Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. Slive… |
CVE-2026-32941 | Medium | 6.5 | 2026-03-20 | Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM (Out-of-Memory) vulnerability in… |
CVE-2026-29781 | Medium | 6.5 | 2026-03-07 | Sliver is a command and control framework that uses a custom Wireguard netstack. In versions from 1.7.3 and prior, a vulnerability exists in the Sliver C2 serv… |
CVE-2026-25760 | Medium | 6.5 | 2026-02-06 | Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to 1.6.11, a path traversal in the website content subsystem lets an aut… |
CVE-2025-27093 | Medium | 6.3 | 2025-10-28 | Sliver is a command and control framework that uses a custom Wireguard netstack. In versions 1.5.43 and earlier, and in development version 1.6.0-dev, the nets… |
CVE-2026-34227 | | 2026-03-31 | Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to version 1.7.4, a single click on a malicious link gives an unauthenti… | |
CVE-2025-27090 | | 2025-02-19 | Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. The r… |