PT-2026-31442 · Kamailio · Kamailio
Published: 2026-04-08 · Updated: 2026-04-23 · CVE-2026-39863
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Kamailio versions prior to 6.1.1, prior to 6.0.6, and prior to 5.8.8
Description
Kamailio, an open source SIP Signaling Server, contains a flaw where a specially crafted data packet sent over TCP can lead to a denial of service (process crash). This impacts Kamailio instances with TCP or TLS listeners. The issue resides in the core of Kamailio.
Recommendations
Update to version 6.1.1 or later
Update to version 6.0.6 or later
Update to version 5.8.8 or later
Fix
DoS
Buffer Overflow
Affected Products
Kamailio