CVE Catalog

CVE-2026-0156

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.22%

13th percentile — higher than 13% of all known CVEs

Summary

In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Assessment

An attacker can remotely cause a system crash, leading to service unavailability. The lack of required privileges and user interaction increases the risk of exploitation.

Recommendation

Immediately update the affected component to a version containing a fix that addresses the missing null check in the checkSsrcCollisionOnRcv function.

Original NVD description (English source)

In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS