Description
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a malformed Content-ID URI in SIP multipart message body. Insufficient length validation can cause reads beyond the intended buffer bounds. This vulnerability is fixed in 2.17.
Published: 2026-04-24
Score: 6.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Potential memory disclosure through out‑of‑bounds read during SIP multipart parsing
Action: Apply Patch
AI Analysis

Impact

The vulnerability in PJSIP 2.16 and earlier allows an attacker to trigger an out‑of‑bounds read when parsing a malformed Content‑ID URI in a SIP multipart message body. The insufficient length validation causes the library to read beyond the intended buffer, exposing internal memory contents. This weakness corresponds to CWE‑125 and can lead to sensitive data leakage.

Affected Systems

PJproject (PJSIP) versions up to 2.16 are affected. The issue was remedied in release 2.17. Any deployment using PJSIP 2.16 or earlier without an update is susceptible.

Risk and Exploitability

The CVSS score of 6.7 indicates moderate severity, while the EPSS score of less than 1% suggests a low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Exploitation would require delivery of a crafted SIP multipart message, likely over the network. Once triggered, the read could expose memory contents to the attacker, limited to a memory disclosure scenario without evidence of further exploitation.

Generated by OpenCVE AI on April 28, 2026 at 13:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade PJSIP to version 2.17 or later to eliminate the vulnerability
  • Apply the vendor patch referenced in the GitHub advisory if an upgrade is not immediately possible
  • Implement input validation or filtering of SIP multipart messages to reject malformed Content‑ID URIs before they reach the library

Generated by OpenCVE AI on April 28, 2026 at 13:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Teluu
Teluu pjsip
CPEs cpe:2.3:a:teluu:pjsip:*:*:*:*:*:*:*:*
Vendors & Products Teluu
Teluu pjsip
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

 cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H'}

Tue, 28 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Important

Mon, 27 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Pjsip
Pjsip pjproject
Vendors & Products Pjsip
Pjsip pjproject

Fri, 24 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 24 Apr 2026 19:00:00 +0000

Type Values Removed Values Added
Description PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a malformed Content-ID URI in SIP multipart message body. Insufficient length validation can cause reads beyond the intended buffer bounds. This vulnerability is fixed in 2.17.
Title PJSIP: SIP Multipart CID URI Length Underflow
Weaknesses CWE-125
References
Metrics cvssV4_0

{'score': 6.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U'}

Subscriptions

Pjsip Pjproject
Teluu Pjsip
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-24T19:58:40.628Z

Reserved: 2026-04-20T15:32:33.813Z

Link: CVE-2026-41415

cve-icon Vulnrichment

Updated: 2026-04-24T19:58:36.890Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-24T19:17:13.170

Modified: 2026-04-28T18:30:54.843

Link: CVE-2026-41415

cve-icon Redhat

Severity : Important

Publid Date: 2026-04-24T18:38:36Z

Links: CVE-2026-41415 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T13:45:06Z

Weaknesses