VYPR

Go Ntlmssp

by Azure

Source repositories

CVEs (1)

  • CVE-2026-32952MedApr 24, 2026
    risk 0.34cvss 5.3epss 0.01

    go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can causes an slice out of bounds panic, which can crash any Go process using `ntlmssp.Negotiator` as an HTTP transport. Version 0.1.1…