MEDIUM
Azure
CVE published 2026-04-24
CVE-2026-32952
CVE-2026-32952 is an availability issue in go-ntlmssp before version 0.1.1. According to the NVD record and the project’s GitHub advisory/release notes, a malicious NTLM challenge message can trigger a slice out of bounds panic, which may crash a Go process using ntlmssp.Negotiator as an HTTP transport. The project states that version 0.1.1 fixes the issue.