CVE-2026-8275

NameCVE-2026-8275
DescriptionA vulnerability was detected in bettercap up to 2.41.5. Affected by this vulnerability is the function ippReadChunkedBody of the file modules/zerogod/zerogod_ipp_primitives.go of the component zerogod IPP Service. Performing a manipulation results in integer coercion error. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitation appears to be difficult. The exploit is now public and may be used. The patch is named 3731d5576cffae9eefe3721cd46a40933304129f. To fix this issue, it is recommended to deploy a patch.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
bettercap (PTS)bookworm2.32.0-1fixed
trixie2.33.0-1fixed
forky, sid2.33.0-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
bettercapsource(unstable)(not affected)

Notes

- bettercap <not-affected> (Vulnerable code introduced later)
https://github.com/bettercap/bettercap/issues/1263
Introduced with: https://github.com/bettercap/bettercap/commit/51a5b4ad6ea917d40f92861fbc1afcfa5a9af6bb (v2.41.0)
Fixed by: https://github.com/bettercap/bettercap/commit/3731d5576cffae9eefe3721cd46a40933304129f (v2.41.7)

Search for package or bug name: Reporting problems