CVE-2026-39908
published 2026-06-08CVE-2026-39908: OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the…
PriorityP340medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.31%
23.1th percentile
OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application attempts to load proxies from the UNC path, triggering an SMB authentication attempt that discloses the NTLMv2 hash, which can then be relayed or cracked offline.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| openbullet | openbullet2 | <= 0.3.2 | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv4.07.1HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
openbullet2 up to 0.3.2 on Windows insufficiently protected credentials (EUVD-2026-35133)
vuldb·2026-06-08·CVSS 6.5
CVE-2026-39908 [MEDIUM] openbullet2 up to 0.3.2 on Windows insufficiently protected credentials (EUVD-2026-35133)
A vulnerability labeled as problematic has been found in openbullet2 up to 0.3.2 on Windows. This issue affects some unknown processing. Executing a manipulation can lead to insufficiently protected credentials.
The identification of this vulnerability is CVE-2026-39908. The attack may be launched remotely. There is no exploit available.
GHSA
OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy sourc
ghsa_unreviewed·2026-06-08
CVE-2026-39908 [HIGH] CWE-522 OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy sourc
OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application attempts to load proxies from the UNC path, triggering an SMB authentication attempt that discloses the NTLMv2 hash, which can then be relayed or cracked offline.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-08
Published