CVE-2026-4390
MEDIUM
5,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
MEDIUM
5,4
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: low
MEDIUM
5,5
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: single
Confidentiality: none
Integrity: partial
Availability: partial
Description
AI Translation Available
A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function process_resend_queue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. Upgrading to version 3.13.8 is able to mitigate this issue. The affected component should be upgraded.
119
Improper Restriction of Operations within the Bounds of a Memory Buffer
StableCommon Consequences
Security Scopes Affected:
Integrity
Confidentiality
Availability
Potential Impacts:
Execute Unauthorized Code Or Commands
Modify Memory
Read Memory
Dos: Crash, Exit, Or Restart
Dos: Resource Consumption (Cpu)
Dos: Resource Consumption (Memory)
Applicable Platforms
Languages:
Memory-Unsafe, C, C++, Assembly
416
Use After Free
StableCommon Consequences
Security Scopes Affected:
Integrity
Availability
Confidentiality
Potential Impacts:
Modify Memory
Dos: Crash, Exit, Or Restart
Read Memory
Execute Unauthorized Code Or Commands
Applicable Platforms
Languages:
Memory-Unsafe, C, C++
https://files.teamspeak-services.com/docs/security/TS-SA-2026-001.html
https://modzero.com/en/advisories/mz-26-01-teamspeak/
https://vuldb.com/vuln/366314
https://vuldb.com/vuln/366314/cti
https://www.teamspeak.com/en/downloads/#server