CVE-2026-0148
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk18th percentile - higher than 18% of all known CVEs
Summary
In multiple functions of VideoRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed.
Risk Assessment
This vulnerability poses a serious risk to organizations as it allows for remote code execution without user interaction, potentially leading to system takeover.
Recommendation
It is recommended to update the software to the latest version to mitigate this vulnerability and to monitor systems for unauthorized activity.
Original NVD description (English source)
In multiple functions of VideoRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

