Is github.com/bishopfox/sliver safe to use?

github.com/bishopfox/sliver has 10 known vulnerabilities on the latest version (v1.7.3). DepScope rates its health at 66/100 (moderate risk).

What is the latest version of github.com/bishopfox/sliver?

The latest version of github.com/bishopfox/sliver is v1.7.3, released 2026-02-24.

Yes. github.com/bishopfox/sliver has 10 known vulnerabilities. See depscope.dev/pkg/go/github.com/bishopfox/sliver for details.

No, github.com/bishopfox/sliver is actively maintained. Latest release: v1.7.3 (2026-02-24).

DepScope has no curated alternatives for github.com/bishopfox/sliver at this time.

github.com/bishopfox/sliver is licensed under GPL-3.0.

govv1.7.3

Adversary Emulation Framework

License GPL-3.0strong copyleft104 versions123 maintainers0 deps11,080 weekly dl

/ 100

Health

update required

github.com/bishopfox/[email protected] has vulnerabilities — update to latest

Update to >= 1.7.4 to fix known vulnerabilities

Health breakdown0 – 100

20/25

maintenance

10/20

popularity

16/25

security

15/15

maturity

5/15

community

Vulnerabilities

1 high2 medium7 low

Advisories (10)

Severity	ID	Summary	Fixed in
medium	CVE-2026-34227	Sliver One-Click Remote Access: Insecure CORS & Unauthenticated MCP Interface	1.7.4
medium	CVE-2026-32941	Sliver Vulnerable to Authenticated OOM via Memory Exhaustion in mTLS/WireGuard Transports	—
high	GO-2026-4899	Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel (rportfwd) close is attempted	—
low	CVE-2026-29781	Sliver is Vulnerable to Authenticated Nil-Pointer Dereference through its Handlers	—
unknown	CVE-2024-41111	Sliver Allows Authenticated Operator-to-Server Remote Code Execution in github.com/bishopfox/sliver	—
unknown	GHSA-hjr9-wj7v-7hv8	Sliver Vulnerable to Pre-Auth Memory Exhaustion via NoEncoder Bypass in github.com/bishopfox/sliver	—
unknown	CVE-2026-25791	Sliver has DNS C2 OTP Bypass that Allows Unauthenticated Session Flooding and Denial of Service in github.com/bishopfox/sliver	—
unknown	CVE-2026-29781	Sliver is Vulnerable to Authenticated Nil-Pointer Dereference through its Handlers in github.com/bishopfox/sliver	—
unknown	CVE-2026-32941	Sliver Vulnerable to Authenticated OOM via Memory Exhaustion in mTLS/WireGuard Transports in github.com/bishopfox/sliver	—
unknown	GHSA-c279-989m-238f	Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel (rportfwd) close is attempted in github.com/bishopfox/sliver	—

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/go/github.com/bishopfox/sliver

Last updated · 2026-02-24T04:49:28Z