CVE-2026-0156
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk13th percentile — higher than 13% of all known CVEs
Summary
In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Risk Assessment
An attacker can remotely cause a system crash, leading to service unavailability. The lack of required privileges and user interaction increases the risk of exploitation.
Recommendation
Immediately update the affected component to a version containing a fix that addresses the missing null check in the checkSsrcCollisionOnRcv function.
Original NVD description (English source)
In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

