What is the CVSS score of CVE-2026-26201?

CVE-2026-26201 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.0%.

Which versions of Golang are affected by CVE-2026-26201?

CVE-2026-26201 affects emp3r0r, a Linux command-and-control tool, creating a race condition vulnerability that could allow attackers to compromise affected systems.. A patch is available.

Is there a public PoC exploit available for CVE-2026-26201?

Yes, a public proof-of-concept exploit is available for CVE-2026-26201. Prioritise patching immediately. EPSS: 0.0%.

Golang CVE-2026-26201

HIGH

Race Condition (CWE-362)

2026-02-19 security-advisories@github.com

GHSA-f5p9-j34q-pwcc

Denial Of Service Linux Golang Emp3r0r Suse

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:03 vuln.today

PoC Detected

Feb 26, 2026 - 02:51 vuln.today

Public exploit code

Patch released

Feb 26, 2026 - 02:51 nvd

Patch available

CVE Published

Feb 19, 2026 - 20:25 nvd

HIGH 7.5

DescriptionNVD

emp3r0r is a C2 designed by Linux users for Linux environments. Prior to version 3.21.2, multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process crash (availability loss). Version 3.21.2 fixes this issue.

AnalysisAI

emp3r0r C2 framework versions prior to 3.21.2 crash due to unsynchronized concurrent map access in Go goroutines, allowing attackers with network access to trigger denial of service against the C2 infrastructure. Public exploit code exists for this vulnerability. …

RemediationAI

Within 24 hours: Identify all systems running emp3r0r and inventory their criticality and network exposure. Within 7 days: Apply vendor patch to version 3.21.2 or later across all affected systems, prioritizing internet-facing and high-value assets first. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-9256 HIGH This Week

8.1 May 22

Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers

CVE-2026-47334 MEDIUM This Month

5.5 May 28

Kernel availability loss in Ubuntu Linux 6.8, 6.17, and 7.0 can be triggered by any unprivileged local user via a defect

CVE-2026-47335 MEDIUM This Month

5.5 May 28

Kernel panic via NULL pointer dereference in Ubuntu Linux 6.8's AppArmor notification handler allows a locally authentic

CVE-2026-47327 LOW Monitor

3.3 May 28

NULL pointer dereference in Ubuntu Linux kernel versions 6.8, 6.17, and 7.0 allows a local unprivileged user to crash th

CVE-2026-47337 LOW Monitor

3.3 May 28

NULL pointer dereference in Ubuntu Linux kernel SAUCE patches (versions 6.8, 6.17, and 7.0) allows an unprivileged local

Vendor StatusVendor

CVE-2026-26201 vulnerability details – vuln.today

Back

Golang CVE-2026-26201

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code