CVE-2026-32942

Published: Mar 20, 2026 Last Modified: Mar 20, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,0

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17.

416

Use After Free

Stable

Abstraction: Variant Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Availability Confidentiality

Potential Impacts:

Modify Memory Dos: Crash, Exit, Or Restart Execute Unauthorized Code Or Commands

Applicable Platforms

Languages: C, C++, Memory-Unsafe

Likelihood of Exploit: High

View CWE Details

https://github.com/pjsip/pjproject/commit/c9caceddabda7f183…

https://github.com/pjsip/pjproject/commit/c9caceddabda7f18337b2a82d25d65f6224b4…

https://github.com/pjsip/pjproject/issues/1451

https://github.com/pjsip/pjproject/security/advisories/GHSA…

https://github.com/pjsip/pjproject/security/advisories/GHSA-g88q-c2hm-q7p7

CVE-2026-32942

Description

Use After Free

Common Consequences

Applicable Platforms

Iscriviti alla newsletter