PT-2026-26551 · Pjsip · Pjsip
Dhkts1
·
Published
2026-03-20
·
Updated
2026-03-24
·
CVE-2026-32942
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
PJSIP versions 2.16 and below
Description
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free issue in the ICE session. This occurs when race conditions happen between session destruction and callbacks.
Recommendations
Update to version 2.17 or later.
Exploit
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pjsip