CVE-2026-39908
Description
OpenBullet2 versions prior to 0.3.2 on Windows can leak NTLMv2 hashes via UNC path proxy sources, enabling attackers to capture credentials.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
OpenBullet2 versions prior to 0.3.2 on Windows can leak NTLMv2 hashes via UNC path proxy sources, enabling attackers to capture credentials.
Vulnerability
OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability. The vulnerability exists when a job proxy source is configured with a UNC path pointing to an attacker-controlled server [1].
Exploitation
An attacker needs to configure a job proxy source with a UNC path pointing to a server they control. When the OpenBullet2 job starts, the application attempts to load proxies from this UNC path, which triggers an SMB authentication attempt to the attacker's server [1].
Impact
Successful exploitation allows remote attackers to capture the NTLMv2 hash of the process user. This hash can then be relayed or cracked offline to potentially gain further access [1].
Mitigation
OpenBullet2 versions 0.3.2 and later are not affected. Users should update to a fixed version. No other mitigation details are available in the provided references [1].
AI Insight generated on Jun 8, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: <=0.3.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.