All 8 CVE vulnerabilities found in sliver, with AI-generated Chinese analysis, references, and POCs.
Vendor: BishopFox
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-34227 | Sliver One-Click Remote Access: Insecure CORS & Unauthenticated MCP Interface CWE-306 | 8.8AI | HighAI | 2026-03-31 |
| CVE-2026-32941 | Sliver Vulnerable to Authenticated OOM via Memory Exhaustion in mTLS/WireGuard Transports CWE-770 | 6.5 | - | 2026-03-20 |
| CVE-2026-29781 | Sliver: Authenticated Nil-Pointer Dereference in Handlers CWE-476 | 6.5 | - | 2026-03-07 |
| CVE-2026-25791 | Sliver has a DNS C2 OTP Bypass Allows Unauthenticated Session Flooding and Denial of Service CWE-306 | 7.5 | High | 2026-02-09 |
| CVE-2026-25760 | Website Path Traversal / Arbitrary File Read (Authenticated) in Sliver CWE-22 | 6.5 | Medium | 2026-02-06 |
| CVE-2025-27093 | Sliver does not restricted traffic between Wireguard clients. CWE-284 | 6.3 | Medium | 2025-10-28 |
| CVE-2025-27090 | Server-Side Request Forgery (SSRF) in sliver teamserver CWE-918 | 4.3 | - | 2025-02-19 |
| CVE-2024-41111 | BishopFox Sliver Authenticated Remote Code Execution CWE-74 | 7.2 | High | 2024-07-18 |
All 8 known CVE vulnerabilities affecting sliver with full Chinese analysis, references, and POCs where available.