Skip to main content

bettercap CVE-2026-8276

| EUVD-2026-29036 LOW
Numeric Errors (CWE-189)
2026-05-11 cna@vuldb.com GHSA-jcqv-2g3v-gm88
Information Disclosure
2.9
CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
Source Code Evidence Fetched
May 11, 2026 - 06:30 vuln.today
Analysis Generated
May 11, 2026 - 06:30 vuln.today
CVE Published
May 11, 2026 - 06:16 nvd
LOW 2.9

DescriptionNVD

A flaw has been found in bettercap up to 2.41.5. Affected by this issue is some unknown functionality of the file modules/mysql_server/mysql_server.go of the component MySQL Server. Executing a manipulation can lead to integer coercion error. The attack can be launched remotely. The attack requires a high level of complexity. The exploitation is known to be difficult. The exploit has been published and may be used. This patch is called 0eaa375c5e5446bfba94a290eff92967a5deac9e. It is advisable to implement a patch to correct this issue.

AnalysisAI

Integer coercion error in bettercap's MySQL Server module allows remote attackers to trigger information disclosure through malformed MySQL handshake packets. Versions up to 2.41.5 are affected. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-8276 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy