CVE-2026-26201

Summary

emp3r0r is a C2 designed by Linux users for Linux environments. Prior to version 3.21.2, multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process crash (availability loss). Version 3.21.2 fixes this issue.

Affected Software

VendorProductVersion RangeStatus
jm33-m0emp3r0r< 3.21.2affected

Weaknesses

  • CWE-362: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
  • CWE-663: CWE-663: Use of a Non-reentrant Function in a Concurrent Context

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References