CVE-2026-42483
Received Received - Intake
Heap-based Buffer Overflow in hashcat

Publication date: 2026-05-01

Last updated on: 2026-05-01

Assigner: MITRE

Description
A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The issue affects module_hash_decode in multiple Kerberos-related modules because account_info_len is calculated from untrusted delimiter positions without upper-bound validation before memcpy copies the data into a fixed-size account_info buffer.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-01
Last Modified
2026-05-01
Generated
2026-06-16
AI Q&A
2026-05-01
EPSS Evaluated
2026-06-14
NVD
CVE-2026-42483
EUVD
EUVD-2026-26530
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
hashcat hashcat 7.1.2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a heap-based buffer overflow in the Kerberos hash parser of hashcat version 7.1.2. It occurs because the length of account information is calculated from untrusted delimiter positions without proper upper-bound validation. This leads to copying more data than the fixed-size buffer can hold, which can cause memory corruption.

An attacker can exploit this by providing a specially crafted Kerberos hash file that triggers the overflow in the module_hash_decode function within multiple Kerberos-related modules.

Impact Analysis

Exploiting this vulnerability can allow an attacker to cause a denial of service (crash) of the affected application. In some cases, it may also allow the attacker to execute arbitrary code, potentially leading to full system compromise depending on the environment and privileges of the application.

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Detection Guidance

This vulnerability can be detected by analyzing hashcat usage and inspecting Kerberos hash files for crafted or excessively long account_info fields that could trigger the heap-based buffer overflow.

Specifically, detection involves checking if hashcat version 7.1.2 is in use and if any Kerberos hash files processed contain unusually long or malformed account_info fields that bypass length validation.

While no explicit commands are provided in the resources, a practical approach includes:

  • Verify hashcat version: `hashcat --version`
  • Search for Kerberos hash files with long account_info fields using tools like `grep` or custom scripts to identify unusually long fields.
  • Monitor hashcat crashes or denial-of-service symptoms during Kerberos hash processing, which may indicate exploitation attempts.
Mitigation Strategies

Immediate mitigation steps include:

  • Stop using hashcat version 7.1.2 for processing Kerberos hashes until a patched version is available.
  • Avoid processing untrusted or crafted Kerberos hash files that may contain maliciously long account_info fields.
  • Monitor for updates or patches from the hashcat project addressing this heap-based buffer overflow vulnerability.
  • Consider applying any available workarounds or patches proposed in community pull requests or advisories.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-42483. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart