CVE Catalog

CVE-2026-0140

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

8th percentile — higher than 8% of all known CVEs

Summary

In RtpPacket::decodePacket, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed.

Risk Assessment

The organization may be exposed to the disclosure of sensitive information, potentially leading to further attacks or security breaches. User interaction is needed for exploitation.

Recommendation

It is recommended to monitor and update the software to minimize the risk associated with this vulnerability. Users should be informed about potential threats related to interacting with suspicious data.

Original NVD description (English source)

In RtpPacket::decodePacket, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS