CVE-2026-25760

EUVD-2026-5561
Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to 1.6.11, a path traversal in the website content subsystem lets an authenticated operator read arbitrary files on the Sliver server host. This is an authenticated path traversal / arbitrary file read issue, and it can expose credentials, configs, and keys. This vulnerability is fixed in 1.6.11.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
GitHub_MCNA
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
bishopfoxsliver
𝑥
< 1.6.11
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/BishopFox/sliver/commit/818127349ccec812876693c4ca74ebf4350ec6b7
https://github.com/BishopFox/sliver/security/advisories/GHSA-2286-hxv5-cmp2