>

CVE-2026-34235

critical

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's VP9 RTP unpacketizer that occurs when parsing crafted VP9 Scalability Structure (SS) data. Insufficient bounds checking on the payload descriptor length may cause reads beyond the allocated RTP payload buffer. This issue has been patched in version 2.17. A workaround for this issue involves disabling VP9 codec if not needed.

9.1
cvss critical
common vulnerability scoring system v3.1. measures intrinsic severity on a 0-10 scale.
epss 0.0004
exploitation prediction scoring system. probability this vulnerability will be exploited in the wild in the next 30 days.
kev no
cisa known exploited vulnerabilities catalog. confirmed active exploitation.
CVSS 3.1 Common Vulnerability Scoring System v3.1
9.1 / 10
CRITICAL
exploitability
Attack Vector
Network
Attack Vector (AV:N): exploitable remotely over the network — most dangerous. no physical or adjacent access needed.
Attack Complexity
Low
Attack Complexity (AC:L): no special conditions needed. attack can be reliably reproduced.
Privileges Required
None
Privileges Required (PR:N): no authentication needed. any anonymous attacker can exploit this.
User Interaction
None
User Interaction (UI:N): no victim action needed. fully exploitable without user interaction.
impact
Scope
Unchanged
Scope (S:U): impact limited to the vulnerable component.
Confidentiality
High
Confidentiality (C:H): total information disclosure. attacker gains access to all data within the component.
Integrity
None
Integrity (I:N): no integrity impact.
Availability
High
Availability (A:H): total denial of service. attacker can fully shut down the resource.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVSS 4.0 Common Vulnerability Scoring System v4.0
6.9 / 10
MEDIUM
exploitability
Attack Vector
Network
Attack Vector (AV:N): exploitable remotely over the network — most dangerous. no physical or adjacent access needed.
Attack Complexity
Low
Attack Complexity (AC:L): no special conditions needed. attack can be reliably reproduced.
Attack Requirements
None
Attack Requirements (AT:N): no special deployment or execution conditions needed.
Privileges Required
None
Privileges Required (PR:N): no authentication needed. any anonymous attacker can exploit this.
User Interaction
None
User Interaction (UI:N): no victim action needed. fully exploitable without user interaction.
vulnerable system impact
Vuln Confidentiality
None
Confidentiality (VC:N): no confidentiality impact.
Vuln Integrity
None
Integrity (VI:N): no integrity impact.
Vuln Availability
Low
Availability (VA:L): reduced performance or partial service interruption.
subsequent system impact
Sub Confidentiality
None
Subsequent Confidentiality: impact on data confidentiality of downstream/connected systems. Value: N (None)
Sub Integrity
None
Subsequent Integrity: impact on data integrity of downstream/connected systems. Value: N (None)
Sub Availability
None
Subsequent Availability: impact on service availability of downstream/connected systems. Value: N (None)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
exploit detect attrib advisory media timeline
exploitation detection attribution advisories media timeline
activity density
rdintel assessment
38 threat composite score from 15+ signals including exploitation status, epss probability, detection coverage, and community attention. 0-100 scale.

sign in to view full intelligence

pocs, detection rules, timeline, advisories, and more

sign in create account