CVE Catalog

CVE-2026-0141

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.20%

9th percentile — higher than 9% of all known CVEs

Summary

In the decodeAppPacket function of RtcpAppPacket.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed.

Risk Assessment

The organization may be exposed to the disclosure of sensitive information, which could lead to further attacks or privacy breaches.

Recommendation

It is recommended to implement proper bounds checking in the code to prevent out-of-bounds data reads.

Original NVD description (English source)

In decodeAppPacket of RtcpAppPacket.cpp, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS