CVE-2026-26203

Medium CVSS: 5.1

PJSIP is a free and open source multimedia communication library. Versions prior to 2.17 have a critical heap buffer underflow vulnerability in PJSIP's H.264 packetizer. The bug occurs when processing malformed H.264 bitstreams without NAL unit start codes, where the packetizer performs unchecked pointer arithmetic that can read from memory located before the allocated buffer. Version 2.17 contains a patch for the issue.

Vendor

Pjsip

Product

Pjsip

CWE

CWE-416

Yayın Tarihi

2026-02-19 20:25:43

Güncelleme

2026-02-20 20:12:31

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-416 Pjsip MEDIUM Pjsip 2026

Referanslar

https://github.com/pjsip/pjproject/commit/5aee54f09d4f91538d55279d7316591b28fded6c https://github.com/pjsip/pjproject/security/advisories/GHSA-p965-mf7j-gwv8

Benzer Kayıtlar

Medium

CVE-2026-33069

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading…

High

CVE-2026-32942

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap u…

High

CVE-2026-32945

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based…

High

CVE-2026-29068

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack b…

High

CVE-2026-28799

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-f…

High

CVE-2026-26967

PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a cr…