CVE-2026-0165
MediumCVSS 5.7Exploitation Probability (EPSS)
Low risk6th percentile — higher than 6% of all known CVEs
Summary
In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed.
Risk Assessment
The organization may be exposed to the disclosure of sensitive information, which could lead to further attacks or security breaches.
Recommendation
It is recommended to apply patches to the RTCP packet decoder and monitor systems for potential exploitation attempts.
Original NVD description (English source)
In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

