CVE-2026-42483
Published: 01 May 2026
Summary
CVE-2026-42483 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Hashcat Hashcat. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 27.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Flaw remediation directly addresses the buffer overflow vulnerability by requiring timely patching or upgrading of vulnerable hashcat versions to eliminate the unchecked memcpy operation.
Memory protection mechanisms such as ASLR, DEP, and heap hardening comprehensively mitigate exploitation of the heap-based buffer overflow for arbitrary code execution or DoS.
Information input validation requires bounds checking and sanitization of crafted Kerberos hash files before processing by hashcat's vulnerable parser.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Heap buffer overflow in hashcat client application enables exploitation for arbitrary code execution via crafted input file with no user interaction required.
NVD Description
A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The issue affects module_hash_decode in multiple Kerberos-related modules…
more
because account_info_len is calculated from untrusted delimiter positions without upper-bound validation before memcpy copies the data into a fixed-size account_info buffer.
Deeper analysisAI
CVE-2026-42483 is a heap-based buffer overflow vulnerability (CWE-787, CWE-122) in the Kerberos hash parser of hashcat version 7.1.2. The issue affects the module_hash_decode function in multiple Kerberos-related modules, where the account_info_len value is calculated from untrusted delimiter positions in a crafted input without upper-bound validation. This leads to an unchecked memcpy operation that copies data into a fixed-size account_info buffer, enabling potential memory corruption.
The vulnerability can be exploited by any unauthenticated attacker over the network with low complexity and no user interaction required, as indicated by its CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). By providing a malicious Kerberos hash file to a hashcat instance processing it—such as during password cracking workflows—the attacker can trigger a denial of service crash or, in some cases, achieve arbitrary code execution with the privileges of the hashcat process.
References for the vulnerability are available at https://gist.github.com/sgInnora/107f2eb20367e47d58c911e38d56a91f, which may include proof-of-concept details or further analysis. No specific patch or mitigation guidance is provided in the CVE description.
Details
- CWE(s)