CVE-2026-0129
LowCVSS 3.5Exploitation Probability (EPSS)
Low risk6th percentile — higher than 6% of all known CVEs
Summary
In RtcpByePacket::decodeByePacket, there is a possible vulnerability due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed.
Risk Assessment
This vulnerability could allow attackers to gain access to sensitive information, posing a threat to the organization's data security. User interaction is needed for exploitation.
Recommendation
It is recommended to implement proper bounds checking in the code and to monitor user activity to detect potential attempts to exploit this vulnerability.
Original NVD description (English source)
In RtcpByePacket::decodeByePacket, there is a possible due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

