Is there a public PoC exploit available for CVE-2026-9365?

Yes, a public proof-of-concept exploit is available for CVE-2026-9365. Prioritise patching immediately. EPSS: 0.1%.

Is there a patch available for CVE-2026-9365?

Yes, a patch is available for CVE-2026-9365. Update the affected software to the latest version immediately.

Ettercap CVE-2026-9365

Q: What is the CVSS score of CVE-2026-9365?

CVE-2026-9365 has a CVSS 4.0 base score of 2.9 (Low). CVSS vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

EUVD-2026-31576 LOW

Heap-based Buffer Overflow (CWE-122)

2026-05-24 VulDB

GHSA-fgvc-qw77-cmcj

Buffer Overflow Heap Overflow

2.9

CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Severity Changed

May 26, 2026 - 19:37 NVD

MEDIUM LOW

CVSS changed

May 26, 2026 - 19:37 NVD

5.6 (MEDIUM) 2.9 (LOW)

Source Code Evidence Fetched

May 24, 2026 - 08:45 vuln.today

Analysis Generated

May 24, 2026 - 08:45 vuln.today

DescriptionNVD

A vulnerability has been found in Ettercap up to 0.8.3. The affected element is the function FUNC_DECODER of the file src/dissectors/ec_gg.c of the component GG Dissector. The manipulation of the argument gg leads to heap-based buffer overflow. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 0.8.4 is sufficient to fix this issue. The identifier of the patch is feeae6fa366e01a3dd9f1857ec6aae847b2ae00c. It is suggested to upgrade the affected component.

AnalysisAI

Heap-based buffer overflow in Ettercap's GG protocol dissector (versions up to 0.8.3) allows remote attackers to potentially achieve limited confidentiality, integrity, and availability compromise through crafted network traffic. The vulnerability exists in the ec_gg.c dissector when processing Gadu-Gadu instant messaging protocol packets. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-9365 vulnerability details – vuln.today

Back