CVE-2026-32631 in Visual Studio정보

요약

\~에 의해 MITRE • 2026. 04. 15.

Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricking users into cloning a malicious repository, or checking out a malicious branch, that accesses an attacker-controlled server. By default, NTLM authentication does not need any user interaction. By brute-forcing the NTLMv2 hash (which is expensive, but possible), credentials can be extracted. This issue has been fixed in version 2.53.0.windows.3.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

GitHub

공개

2026. 04. 15.

모더레이션

수락

항목

VDB-357531

CPE

준비됨

CWE

CWE-359 (확인됨)

CVSS

4.7 (VulDB)

EPSS

0.00086

KEV

아니요

활동

매우 낮음

부문

Hostingprovider, Telecommunication

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-32631
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-32631
CVE Details	https://www.cvedetails.com/cve/CVE-2026-32631/

◂ 이전 개요 다음 ▸

Do you need the next level of professionalism?

Upgrade your account now!