CVE-2026-4751 - Vulnerability Details

Description

NULL Pointer Dereference vulnerability in tmate-io tmate.This issue affects tmate: before 2.4.0.

Published: 2026-03-24

Score: 5.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A null pointer dereference in tmate-io tmate leads to application crashes on versions before 2.4.0. The flaw results in denial of service, impacting application availability without disclosure of confidential data or modification of system state. The weakness corresponds to CWE-476.

Affected Systems

The vulnerability affects the tmate-io tmate application, specifically any installation prior to version 2.4.0. All prior releases are susceptible; newer releases are not affected.

Risk and Exploitability

The CVSS score of 5.3 indicates medium severity, while no EPSS score is provided and the issue is absent from the KEV catalog, suggesting limited active exploitation. The flaw appears to be triggered by input that causes a null dereference, which likely requires local or privileged access to the service. Successful exploitation would terminate the service, leading to denial of service for legitimate users.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

tmate-io

tmate

affected

Version	Status	Constraints
`0`	affected	< 2.4.0

No data.

Vendor Product Confidence Versions

Tmate-io

Tmate

100%

Version	Status	Scheme	Platform
`[0,2.4.0)`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade tmate to version 2.4.0 or later.

Generated by OpenCVE AI on March 24, 2026 at 07:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00056.

Exploitation none

Automatable yes

Technical Impact partial

References

Link	Providers
https://github.com/tmate-io/tmate/pull/328

History

Tue, 24 Mar 2026 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 24 Mar 2026 10:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tmate-io Tmate-io tmate
Vendors & Products		Tmate-io Tmate-io tmate

Tue, 24 Mar 2026 06:15:00 +0000

Type	Values Removed	Values Added
Description		NULL Pointer Dereference vulnerability in tmate-io tmate.This issue affects tmate: before 2.4.0.
Title		NULL Pointer Dereference in tmate-io tmate
Weaknesses		CWE-476
References		https://github.com/tmate-io/tmate/pull/328
Metrics		cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}`

Subscriptions

Tmate-io Tmate

MITRE

Status: PUBLISHED

Assigner: GovTech CSG

Published: 2026-03-24T05:37:44.416Z

Updated: 2026-03-24T14:29:05.841Z

Reserved: 2026-03-24T05:37:21.386Z

Link: CVE-2026-4751

Vulnrichment

Updated: 2026-03-24T14:28:59.191Z

NVD

Status : Awaiting Analysis

Published: 2026-03-24T06:16:23.407

Modified: 2026-03-24T15:53:48.067

Link: CVE-2026-4751

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T20:40:03Z

Weaknesses

CWE-476

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4751", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "state": "PUBLISHED", "assignerShortName": "GovTech CSG", "dateReserved": "2026-03-24T05:37:21.386Z", "datePublished": "2026-03-24T05:37:44.416Z", "dateUpdated": "2026-03-24T14:29:05.841Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-03-24T05:37:44.416Z"}, "title": "NULL Pointer Dereference in tmate-io tmate", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "type": "CWE"}]}], "affected": [{"vendor": "tmate-io", "product": "tmate", "collectionURL": "https://github.com/tmate-io/tmate", "versions": [{"status": "affected", "version": "0", "lessThan": "2.4.0", "versionType": "git"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "NULL Pointer Dereference vulnerability in tmate-io tmate.This issue affects tmate: before 2.4.0.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "NULL Pointer Dereference vulnerability in tmate-io tmate.<p>This issue affects tmate: before 2.4.0.</p>"}]}], "references": [{"url": "https://github.com/tmate-io/tmate/pull/328", "tags": ["patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}}], "credits": [{"lang": "en", "value": "TITAN Team (titancaproject@gmail.com)", "type": "reporter"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-24T14:28:52.686331Z", "id": "CVE-2026-4751", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T14:29:05.841Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4751", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-24T14:28:52.686331Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T14:28:59.191Z"}}], "cna": {"title": "NULL Pointer Dereference in tmate-io tmate", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "TITAN Team (titancaproject@gmail.com)"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "tmate-io", "product": "tmate", "versions": [{"status": "affected", "version": "0", "lessThan": "2.4.0", "versionType": "git"}], "collectionURL": "https://github.com/tmate-io/tmate", "defaultStatus": "affected"}], "references": [{"url": "https://github.com/tmate-io/tmate/pull/328", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "NULL Pointer Dereference vulnerability in tmate-io tmate.This issue affects tmate: before 2.4.0.", "supportingMedia": [{"type": "text/html", "value": "NULL Pointer Dereference vulnerability in tmate-io tmate.<p>This issue affects tmate: before 2.4.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-03-24T05:37:44.416Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4751", "state": "PUBLISHED", "dateUpdated": "2026-03-24T14:29:05.841Z", "dateReserved": "2026-03-24T05:37:21.386Z", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "datePublished": "2026-03-24T05:37:44.416Z", "assignerShortName": "GovTech CSG"}, "dataVersion": "5.2"}

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object